Which solution will meet these requirements?

By:
On:
In: SAP-C01
Tagged:
With: 0 Comments
A company recently completed a large-scale migration to AWS.Development teams that support various business units have their own accounts in AWSOrganizations.A central cloud team is responsible for controlling which services and resources can be accessed, and for creating operational strategies for all teams within the company.Some teams are approaching their account service quotas.The cloud team needs to create an automated and operationally efficient solution to proactively monitor service quotas.Monitoring should occur every 15 minutes and send alerts when a team exceeds 80% utilization.

Which solution will meet these requirements?

Create a scheduled AWS Config rule to trigger an AWS Lambda function to call the GetServiceQuota API. If any service utilization is above 80%, publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to alert the cloud team. Create an AWS CloudFormation template and deploy the necessary resources to each account.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule that triggers an AWS Lambda function to refresh the AWS Trusted Advisor service limits checks and retrieve the most current utilization and service limit data. If the current utilization is above 80%, publish a message to an Amazon Simple Notification Service (Amazon SNS) topic to alert the cloud team. Create AWS CloudFormation StackSets that deploy the necessary resources to all Organizations accounts.

Create an Amazon CloudWatch alarm that triggers an AWS Lambda function to call the Amazon CloudWatch GetInsightRuleReport API to retrieve the most current utilization and service limit data. If the current utilization is above 80%, publish an Amazon Simple Email Service (Amazon SES) notification to alert the cloud team. Create AWS CloudFormation StackSets that deploy the necessary resources to all Organizations accounts.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule that triggers an AWS Lambda function to refresh the AWS Trusted Advisor service limits checks and retrieve the most current utilization and service limit data. If the current utilization is above 80%, use Amazon Pinpoint to send an alert to the cloud team. Create an AWS CloudFormation template and deploy the necessary resources to each account.

Explanations:

AWS Config rules are not designed for scheduled triggers and cannot directly monitor service quotas. AWS Lambda would not effectively handle monitoring every 15 minutes with this method.

This option utilizes EventBridge for scheduling, triggers a Lambda function to refresh Trusted Advisor limits, and effectively monitors utilization. It also uses StackSets for deployment across multiple accounts, aligning with operational efficiency.

CloudWatch alarms are not suited for directly monitoring service limits as they focus on metrics rather than service quotas. The GetInsightRuleReport API is not relevant for this use case.

While it uses EventBridge and Trusted Advisor, the use of Amazon Pinpoint for alerts is less suitable compared to SNS, which is better for straightforward notifications, particularly in a monitoring context.

Leave a Reply

Your email address will not be published. Required fields are marked *

three + 14 =