Close

Deploy AWS CloudWatch alarms with GitLab

Warren Marusiak headshot
Warren Marusiak

Senior Technical Evangelist

To demonstrate how to develop, deploy, and manage applications using Jira Software and various connected tools, our team created ImageLabeller, a simple demo application built on AWS that uses machine learning to apply labels to images.

This page covers how to monitor ImageLabeller with Opsgenie. Before you begin, we recommend reading the ImageLabeller architecture and Deploy ImageLabeller with GitLab pages for context.

Add an alarms repository for Opsgenie integration

Go to Jira and create a new Jira issue for adding AWS CloudWatch alarms repository to GitLab. In this example the Jira issue ID is IM-6.

IM board screenshot

Go to GitLab and create a new project. Update the Project URL to use the group you linked to Jira. Click Create project.

create project in gitlab screenshot

In your terminal go to your CloudWatchAlarms repository, and run the following to push your AWS CloudFormation template.yml file to GitLab.

git add --all
git commit -m "IM-6 add CloudWatchAlarms repository to gitlab"
git remote add origin git@gitlab.com:pmmquickstartguides/cloudwatchalarms.git
git branch -m mainline
git push -u origin mainline

Alarms template.yml

Description: 'A description'

Resources:
  OpsGenieSNS:
    Type: AWS::SNS::Topic
    Properties: 
      DisplayName: 'Opsgenie'
      Subscription:
        - Endpoint: 'https://api.opsgenie.com/v1/json/cloudwatch?apiKey=a4449509-6998-4d55-841d-2e6b363520c7'
          Protocol: 'HTTPS'
      TopicName: 'Opsgenie'

  SubmitImageLambdaAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties: 
      AlarmActions:
        - !Ref 'OpsGenieSNS'
      AlarmDescription: 'SubmitImage Too Many Invocations'
      ComparisonOperator: 'GreaterThanThreshold'
      Dimensions:
        - Name: FunctionName
          Value: !ImportValue 'SubmitImageFunctionName'
      EvaluationPeriods: 1
      MetricName: 'Invocations'
      Namespace: 'AWS/Lambda'
      Period: 60
      Statistic: 'Sum'
      Threshold: 10

Set the SNS topic subscription endpoint to the endpoint URL you copied from Opsgenie. The SubmitImageLambdaAlarm monitors a single metric emitted by the submitImage AWS Lambda. If there are more than 10 invocations, a minute the alarm is raised.

.gitlab-ci.yml for deploying to AWS

Go to your CloudWatchAlarms repository in your terminal, create a branch named after your Jira issue ID.

git checkout -b IM-6

Create .gitlab-ci.yml file with the following yaml. This defines a deployment workflow for your Test, Staging, and Production environments.

stages:
  - merge-request
  - test-us-west-1
  - test-us-east-2
  - production-us-west-2
  - production-us-east-1
  - production-ca-central-1

merge-request-pipeline-job:
  stage: merge-request
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
  script:
    - echo "This pipeline always succeeds and enables merge."
    - echo true

deploy-test-us-west-1:
  stage: test-us-west-1
  environment: test-us-west-1
  rules:
    - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "merge_request_event"
  image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
  script:
    - export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
    - export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
    - aws cloudformation deploy --region us-west-1 --template-file template.yml --stack-name OpenDevOpsAlarms

deploy-test-us-east-2:
  stage: test-us-east-2
  environment: test-us-east-2
  rules:
    - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "merge_request_event"
  image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
  script:
    - export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
    - export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
    - aws cloudformation deploy --region us-east-2 --template-file template.yml --stack-name OpenDevOpsAlarms

deploy-production-us-west-2:
  stage: production-us-west-2
  environment: production-us-west-2
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "merge_request_event"
  image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
  script:
    - export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
    - export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
    - aws cloudformation deploy --region us-west-2 --template-file template.yml --stack-name OpenDevOpsAlarms

deploy-production-us-east-1:
  stage: production-us-east-1
  environment: production-us-east-1
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "merge_request_event"
  image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
  script:
    - export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
    - export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
    - aws cloudformation deploy --region us-east-1 --template-file template.yml --stack-name OpenDevOpsAlarms

deploy-production-ca-central-1:
  stage: production-ca-central-1
  environment: production-ca-central-1
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH && $CI_PIPELINE_SOURCE != "merge_request_event"
  image: registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest
  script:
    - export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
    - export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
    - aws cloudformation deploy --region us-east-2 --template-file template.yml --stack-name OpenDevOpsAlarms

Pushing to a feature branch

Run the following from the command line to push your changes to the IM-6 branch of your CloudWatchAlarms repository. Include the Jira issue ID in commit messages, and branch names to enable the Jira GitLab integration to keep track of what is happening in your project.

git add --all
git commit -m "IM-6 .gitlab-ci.yml to CloudWatchAlarms repo"
git push -u origin IM-6

Click CI/CD, then Pipelines to see the pipeline run.

Create a merge request

Create a merge request to deploy to your production environments after GitLab deploys to your test environments.

create merge requests screenshots

Merge the changes to mainline after the merge request pipeline completes. Click CI/CD, then Pipelines to see the running production pipeline.

merge pipelines screenshot

Testing the Alarm

Generate an alert by triggering the AWS CloudWatch alarm you just set up, or by clicking Create alert.

alarm test screenshot

Check Slack to see that the notification appeared.

slack notification screenshot

Bravo! You did it. ImageLabeller is now up and running.

Warren Marusiak
Warren Marusiak

Warren is a Canadian developer from Vancouver, BC with over 10 years of experience. He came to Atlassian from AWS in January of 2021.


Share this article

Recommended reading

Bookmark these resources to learn about types of DevOps teams, or for ongoing updates about DevOps at Atlassian.

Devops illustration

DevOps community

Devops illustration

DevOps learning path

Map illustration

Get started for free

Sign up for our DevOps newsletter

Thank you for signing up