• PagerDuty
    /
  • Blog
    /
  • Integrations
    /
  • PagerDuty Launches New AWS Integrations for CloudWatch, GuardDuty, CloudTrail, and Personal Health Dashboard

Blog

PagerDuty Launches New AWS Integrations for CloudWatch, GuardDuty, CloudTrail, and Personal Health Dashboard

by Andrew Marshall November 26, 2018 | 8 min read

As you may expect from a company founded by former Amazon employees, PagerDuty has been helping AWS users automatically turn any signal into the right insight and action for years. Our Amazon CloudWatch integration enables teams to proactively mitigate customer-impacting issues, which in turn allows organizations to innovate and scale both their AWS and hybrid environments with confidence.

Earlier this year, we announced that PagerDuty subscriptions are now available for AWS customers through the AWS Marketplace and Enterprise Contracts for AWS Marketplace. This week at AWS re:Invent in Las Vegas, we’re excited to share that PagerDuty is launching brand-new AWS integrations for CloudWatch Events, GuardDuty, CloudTrail, and Personal Health Dashboard.

Amazon CloudWatch (Events and Alarms): The Gateway to AWS Services

AWS users count on Amazon CloudWatch to provide the performance data they can use to monitor the status of the AWS services they have deployed as part of their overall AWS ecosystem. Leveraging public cloud resources doesn’t mean users can ignore the status and performance of the servers that underpin them; in fact, keeping tabs on the various tools used becomes increasingly important as companies migrate critical apps to AWS.

PagerDuty’s integration with CloudWatch Alarms, which our shared customers have used for some time, has allowed users to monitor resource utilization (such as memory optimization) by setting up custom high-resolution alarm thresholds. When these alarms are triggered, any resolution automation you need can be kicked off via PagerDuty. It’s an extremely powerful combination—and there’s no surprise why it’s one of the, if not the most, popular integrations PagerDuty offers.

While a very useful tool, a CloudWatch alarm only watches a single metric over a specified time period and performs one or more specified actions, based on the value of the metric relative to a threshold over time. In other words, an alarm takes place once, at a specific point in time. This week at AWS re:Invent, we’re excited to launch CloudWatch Events, a new AWS integration that complements our Amazon CloudWatch Alarms integration.

CloudWatch Events is a stream of system events describing changes in AWS resources, which augment the metrics CloudWatch collects. You can think of an “event” as any change to your AWS environment, along with the services that underpin it.

For modern ITOps and DevOps teams, keeping tabs on changes is critical to maintaining the continuity and performance of your ecosystem. For example, teams need to know if an EC2 instance changes state from “pending” to “running.” They also need to know how much “scale” is actually taking place with “autoscale.” Additionally, AWS CloudTrail, in conjunction with Amazon CloudWatch, enables you keep tabs on things like API calls.

Elasticity and the ability to rapidly scale are key value propositions for public cloud providers like AWS, Google Cloud, and Microsoft Azure. As a “pay for what you use” service, keeping tabs on your AWS bill is pretty important to most teams as well. With the CloudWatch integration, PagerDuty can alert you if your AWS bill passes a certain threshold, helping teams avoid costly unplanned scaling.

By adding the CloudWatch Events integration on top of CloudWatch Alarms, PagerDuty enables teams to automate their digital operations based on a much more robust set of AWS data. It also allows PagerDuty customers to leverage data from many more AWS services, including:

  • Amazon EC2 instances
  • AWS Lambda functions
  • Streams in Amazon Kinesis Data Streams
  • Delivery streams in Amazon Kinesis Data Firehose
  • Amazon ECS tasks
  • Systems Manager Run Command
  • Systems Manager Automation
  • AWS Batch jobs
  • Step Functions state machines
  • Pipelines in AWS CodePipeline
  • AWS CodeBuild projects
  • Amazon Inspector Assessment Templates
  • Amazon SNS topics
  • Amazon SQS queues

Whether your company uses on-prem servers, AWS, Azure, Google Cloud, or any combination of a hybrid infrastructure, PagerDuty is able to collect critical signals from your infrastructure and use them to power real-time operations.

Amazon GuardDuty

These days, it’s pretty common to hear the phrase “security is everyone’s responsibility,” which aligns nicely with AWS’ “shared responsibility” model. Security is everybody’s job—and PagerDuty’s integration with Amazon GuardDuty helps bring security ownership to developers by automating response workflows, as well as reducing the friction of escalating to a security expert. Amazon GuardDuty allows users to continuously monitor for any malicious or unauthorized behavior that could potentially impact an organization’s AWS ecosystem and the apps built on it. For example, while an unexpected API call or potentially compromised instance might be nothing to worry about, it’s better to collect that information so a deeper analysis can take place.

That’s where PagerDuty and DevSecOps come in. Collecting machine-oriented outputs in CloudWatch is only the first step—you still need a workflow to determine the nature of a threat, its overall impact, and the correct action to take. When a threat is detected by Amazon GuardDuty, PagerDuty automatically notifies the right people about a critical security issue, based on your rules for response. Additionally, your team can cut through the noise by using PagerDuty Event Intelligence to group threats with other issues, giving you the right context to address an issue rather than getting buried in similar alerts. All of this can be done with seamless integration with your various systems of record (e.g., Jira, ServiceNow, Remedy, or Cherwell.).

Amazon Personal Health Dashboard

AWS has a lot of services. And they’ll probably launch a few more this week at re:Invent. While these new services provide AWS users with greater flexibility and power to build and support new software, it can make keeping tabs on the current state of the AWS services, regions, and zones that your organization cares about much easier. Here’s a scroll through of the AWS Service Health Dashboard for just North America.

AWS understands this issue, which is where the AWS Personal Health Dashboard comes in. The overall Service Health Dashboard provides you with a view into the general status of AWS services, but the Personal Health Dashboard provides a personalized view into the performance and availability of the AWS services your team uses everyday. These alerts on the services you actually care about are helpful—but you still need to do something with that knowledge.

The new PagerDuty AWS Personal Health Dashboard integration lets you ingest this data and then automate how, when, and with whom you need to take steps to resolve any issues. Teams can then augment support plays and tickets with the precise AWS service causing the issue, giving everyone in the organization the information they need to address AWS service disruptions quickly.

If you’re attending re:Invent and want to learn more about Personal Health Dashboard and the PagerDuty integration, check out the following sessions presented by AWS:

Session: Optimize Performance and Reduce Risk Using AWS Support Tools (ENT316-R)
Date and Time: Monday, November 26 at 4 p.m.
Location: Bellagio, Level 1, Grand Ballroom 6

Session: Optimize Performance and Reduce Risk Using AWS Support Tools (ENT316-R1)
Date and Time: Tuesday, November 27 at 11:30 a.m.:
Location: Mirage, Mirage Event Center C3

Amazon CloudTrail

Another shared responsibility between AWS and the end user is compliance, governance, and operational auditing. Just because the servers aren’t in your data center doesn’t mean you can wash your hands of those workstreams. AWS CloudTrail helps users enable the governance, compliance, operational auditing, and risk auditing of their AWS ecosystem.

By enabling teams to save logs of the various events that take place in their AWS ecosystems, Amazon provides a powerful tool to manage compliance, including the actions taken through AWS Management Console, AWS SDKs, command line tools, and other AWS services. As you can imagine, based on the above text, that’s only half the battle.

Through PagerDuty’s new AWS CloudTrail integration, teams can collect the entire AWS event history to use for DevSecOps plays, automating actions as needed and seamlessly integrating with systems of record like Jira and SNOW. PagerDuty enables correlation and grouping alongside other ongoing issues, giving DevOps and DevSecOps teams the context they need to cut through operational noise. Teams can, for example, identify when a potential data exfiltration is taking place in Amazon S3 or be alerted instantly when a security group rule is changed in Amazon Virtual Private Cloud. In both examples, PagerDuty can be used to automate the correct response in real time.

Come Talk to Us at re:Invent

As an Advanced Partner in the AWS Partner Network with the DevOps Competency, PagerDuty is pleased to join AWS at re:Invent to share these exciting new integrations with our shared customers. If you’re in Las Vegas this week, come see us at Booth 1023. Not going to re:Invent? PagerDuty offers a free 14-day trial and can be procured through the AWS Marketplace. Also, you can read more about these integrations for AWS here.

Get started with these AWS integrations:

https://support.pagerduty.com/docs/aws-cloudwatch-integration-guide
https://support.pagerduty.com/docs/aws-guardduty-integration-guide
https://support.pagerduty.com/docs/aws-cloudtrail-integration-guide
https://support.pagerduty.com/docs/aws-personal-health-dashboard