Why CloudWatch Alarms Are Not Triggering Your SNS Topics?
Recently I set up a CloudWatch alarm to receive notifications via mail and on a Slack channel. But even after 3 days, no alarms had been triggered.
This could mean one of the following things:
- Either the application is performing exceptionally well — because the alarm was supposed to be triggered at least once daily
- Something was wrong with the alarm
To confirm which of the above was true, I went to see the CloudWatch alarm. The alarm clearly showed that it had been triggered once daily, but I had not received any alerts for it.
It also gave a glimpse of the error, which, in my case, was very helpful. It was basically a permissions issue for the SNS topic.
My CloudWatch alarm was not authorized to publish notifications to that topic. Seems trivial, right?
Yes, it was just this thing.
To fix it, I edited the alarm and added the following to the access policy:

    {
      "Sid": "Allow_Publish_Alarms",
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "cloudwatch.amazonaws.com"
        ]
      },
      "Action": "sns:Publish",
      "Resource": "arn:aws:sns:<region>:<account-id>:<topic-name>"
    }

That was it. It solved the problem and I started receiving the alerts.
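
An added example, not code from the original post: the statement above belongs in the SNS topic's access policy, and as written it carries no condition on which account's alarms may publish through the CloudWatch service principal. The Python sketch below checks a topic policy for such a statement and adds it with `aws:SourceAccount` and `aws:SourceArn` conditions. The function names, the sample policy, the account ID `111122223333` and the topic name `ops-alerts` are constructed for illustration.

```python
import json

SID = "Allow_Publish_Alarms"  # Sid used in the post
SERVICE = "cloudwatch.amazonaws.com"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def alarm_publish_statement(region, account_id, topic_name):
    """The post's statement plus conditions limiting it to this account's alarms."""
    return {
        "Sid": SID, "Effect": "Allow",
        "Principal": {"Service": [SERVICE]},
        "Action": "sns:Publish",
        "Resource": f"arn:aws:sns:{region}:{account_id}:{topic_name}",
        "Condition": {
            "StringEquals": {"aws:SourceAccount": account_id},
            "ArnLike": {"aws:SourceArn": f"arn:aws:cloudwatch:{region}:{account_id}:alarm:*"},
        },
    }

def allows_cloudwatch_publish(policy, topic_arn):
    """True if an Allow statement names the CloudWatch service for sns:Publish on topic_arn."""
    for stmt in _as_list(policy.get("Statement", [])):
        principal = stmt.get("Principal", {})
        services = _as_list(principal.get("Service", [])) if isinstance(principal, dict) else []
        actions = _as_list(stmt.get("Action", []))
        if (stmt.get("Effect") == "Allow" and SERVICE in services
                and any(a in ("sns:Publish", "sns:*", "*") for a in actions)
                and topic_arn in _as_list(stmt.get("Resource", []))):
            return True
    return False

def ensure_alarm_publish(policy, region, account_id, topic_name):
    """Return a new policy with the statement added, replacing any with the same Sid."""
    kept = [s for s in _as_list(policy.get("Statement", [])) if s.get("Sid") != SID]
    return {**policy, "Statement": kept + [alarm_publish_statement(region, account_id, topic_name)]}

# Constructed sample: a topic policy that only lets the owning account publish.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "OwnerOnly", "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
    "Action": "sns:Publish",
    "Resource": "arn:aws:sns:us-east-1:111122223333:ops-alerts"}]}

if __name__ == "__main__":
    fixed = ensure_alarm_publish(SAMPLE_POLICY, "us-east-1", "111122223333", "ops-alerts")
    print(json.dumps(fixed, indent=2))
```

The printed JSON is the value for the topic's `Policy` attribute, which can be set in the SNS console or with `aws sns set-topic-attributes --attribute-name Policy`.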