cia-dist-cloudformation/src/main/resources/ResilienceHub.md
The following was generated to be added to your application.
## app_common recommendations:
### Alarms:
- AWSResilienceHub-SyntheticCanaryXRegionAlarm_2021-04-01
- Description: A fallback monitor setup in an independent region to provide alerts in case of a whole region failure.
- Prerequisite: Make sure CloudWatch Synthetics is setup to monitor the application (see the <a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries.html" target="_blank">docs</a>).
Make sure that the Synthetics Name passed in the alarm dimension matches the name of the Synthetic Canary. It Defaults to the name of the application.
- Relevant Resource Ids: eu-west-2
- AWSResilienceHub-SyntheticCanaryInRegionAlarm_2021-04-01
- Description: A monitor for the entire application, configured to constantly verify that the application API/endpoints are available
- Prerequisite: Make sure CloudWatch Synthetics is setup to monitor the application (see the <a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries.html" target="_blank">docs</a>).
Make sure that the Synthetics Name passed in the alarm dimension matches the name of the Synthetic Canary. It Defaults to the name of the application.
- Relevant Resource Ids: eu-west-1
---
## compute recommendations:
### Alarms:
- AWSResilienceHub-AsgAbnormalRequestPerTargetAlarm_2020-07-13
- Description: Reports when target group request count is anomalous
- Relevant Resource Ids: CIA-Https
- AWSResilienceHub-AsgHighCpuUtilizationAlarm_2020-07-13
- Description: Reports when autoscale group used CPU is high
- Relevant Resource Ids: riksdagsmonitor-WebServerFleet-1IX1MMPQZF3AY
- AWSResilienceHub-AsgConcurrentUnhealthyHostsAlarm_2020-07-13
- Description: Alerts when Auto Scaling group has multiple unhealthy hosts concurrently
- Relevant Resource Ids: riksdagsmonitor-WebServerFleet-1IX1MMPQZF3AY
- AWSResilienceHub-AsgManyDyingHostsAlarm_2020-07-13
- Description: Alerts when Auto Scaling group hosts keep dying and require replacing
- Relevant Resource Ids: riksdagsmonitor-WebServerFleet-1IX1MMPQZF3AY
- AWSResilienceHub-AsgMemoryUtilizationAlarm_2021-04-05
- Description: Reports when memory utilization is high
- Prerequisite: Make sure the CloudWatch Agent is installed on the instance (see the <a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Install-CloudWatch-Agent.html" target="_blank">docs</a>).
Make sure to include the metric `mem_used_percent` and aggregate per instance
(minimial configuration) :
```
{
"metrics":
{
"metrics_collected": {
"mem": {
"measurement": ["mem_used_percent"]
}
},
"append_dimensions": {
"AutoScalingGroupName": "${!aws:AutoScalingGroupName}"
},
"aggregation_dimensions": [
["AutoScalingGroupName"]
]
}
}
```
- Relevant Resource Ids: riksdagsmonitor-WebServerFleet-1IX1MMPQZF3AY
---
## load-balancer recommendations:
### Alarms:
- AWSResilienceHub-ApplicationLoadBalancerHealthyHostCountAlarm_2020-04-01
- Description: Alerts when the healthy host count is less than or equal to the specified threshold
- Relevant Resource Ids: CIA-Https
- AWSResilienceHub-ApplicationLoadBalancerElbHttp4xxCountAlarm_2020-04-01
- Description: Alerts when the number of HTTP 4XX server error codes, which originate from the Application Load Balancer, is greater than or equal to the specified threshold
- Relevant Resource Ids: arn:aws:elasticloadbalancing:eu-west-1:172017021075:loadbalancer/app/riksd-Publi-1QBM634ZKP4I6/037a689905d306a5
- AWSResilienceHub-ApplicationLoadBalancerRejectedConnectionsCountAlarm_2020-04-01
- Description: Alerts when the number of the connections, which were rejected because the Application Load Balancer had reached its maximum number of connections, is greater than or equal to the specified threshold
- Relevant Resource Ids: arn:aws:elasticloadbalancing:eu-west-1:172017021075:loadbalancer/app/riksd-Publi-1QBM634ZKP4I6/037a689905d306a5
- AWSResilienceHub-ApplicationLoadBalancerUnHealthyHostCountAlarm_2020-04-01
- Description: Alerts when the unhealthy host count is greater than or equal to the specified threshold
- Relevant Resource Ids: CIA-Https
- AWSResilienceHub-ApplicationLoadBalancerElbHttp5xxCountAlarm_2020-04-01
- Description: Alerts when the number of HTTP 5XX server error codes, which originate from the Application Load Balancer, is greater than or equal to the specified threshold
- Relevant Resource Ids: arn:aws:elasticloadbalancing:eu-west-1:172017021075:loadbalancer/app/riksd-Publi-1QBM634ZKP4I6/037a689905d306a5
- AWSResilienceHub-ApplicationLoadBalancerTargetHttp5xxCountAlarm_2020-04-01
- Description: Alerts when the number of HTTP 5XX target error codes, which were generated by the targets, is greater than or equal to the specified threshold
- Relevant Resource Ids: arn:aws:elasticloadbalancing:eu-west-1:172017021075:loadbalancer/app/riksd-Publi-1QBM634ZKP4I6/037a689905d306a5
---
## nat-gw recommendations:
### Alarms:
- AWSResilienceHub-NatGwPacketsDropsAlarm_2020-04-01
- Description: A value greater than zero may indicate an ongoing transient issue with the NAT Gateway
- Relevant Resource Ids: nat-01db331a7ecc7e5c9, nat-0098cad18e5478625, nat-0e702390b902be1da
- AWSResilienceHub-NatGwSuccessfulConnectionPercentageAlarm_2020-04-01
- Description: Alarm by AWS ResilienceHub that is triggered when ConnectionEstablishedCount is less than 50% of ConnectionAttemptCount, this indicates that clients behind the NAT gateway attempted to establish new connections for which there was no response
- Relevant Resource Ids: nat-01db331a7ecc7e5c9, nat-0098cad18e5478625, nat-0e702390b902be1da
- AWSResilienceHub-NatGwPortAllocationErrorsAlarm_2020-04-01
- Description: Alarm by AWS ResilienceHub that is triggered when too many concurrent connections are open through the NAT gateway
- Relevant Resource Ids: nat-01db331a7ecc7e5c9, nat-0e702390b902be1da, nat-0098cad18e5478625
---
## rds recommendations:
### Alarms:
- AWSResilienceHub-RDSInstanceLowStorageAlarm_2020-04-01
- Description: Reports when database free storage is low
- Relevant Resource Ids: rotation-instance
- AWSResilienceHub-RDSInstanceConnectionSpikeAlarm_2020-04-01
- Description: Reports when database connection count is anomalous
- Relevant Resource Ids: rotation-instance
- AWSResilienceHub-RDSInstanceLowMemoryAlarm_2020-04-01
- Description: Reports when database free memory is low
- Relevant Resource Ids: rotation-instance
- AWSResilienceHub-RDSInstanceOverUtilizedCpuAlarm_2020-04-01
- Description: Reports when database used CPU is high
- Relevant Resource Ids: rotation-instance
---
## s3 recommendations:
### Alarms:
- AWSResilienceHub-S34xxErrorsAlarm_2020-04-01
- Description: Reports when the number of 4xxErrors is high
- Prerequisite: Make sure the MetricsConfiguration attribute is set with the Id for the bucket (see the <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-metricsconfigurations" target="_blank">docs</a>).
Id must be in the format ${S3BucketName}-metrics, where ${S3BucketName} is the value of the target bucket.
Example:
```
TargetS3Bucket:
Type: AWS::S3::Bucket
Properties:
...
MetricsConfigurations:
-
Id: "${S3BucketName}-metrics"
```
- Relevant Resource Ids: riksdagsmonitor-artifactbucket-2weuaw1rh2ad
- AWSResilienceHub-S34xxErrorsAlarm_2020-04-01
- Description: Reports when the number of 4xxErrors is high
- Prerequisite: Make sure the MetricsConfiguration attribute is set with the Id for the bucket (see the <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-metricsconfigurations" target="_blank">docs</a>).
Id must be in the format ${S3BucketName}-metrics, where ${S3BucketName} is the value of the target bucket.
Example:
```
TargetS3Bucket:
Type: AWS::S3::Bucket
Properties:
...
MetricsConfigurations:
-
Id: "${S3BucketName}-metrics"
```
- Relevant Resource Ids: riksdagsmonitor-logsbucket-1mcp1y1l1wbi6
- AWSResilienceHub-S35xxErrorsAlarm_2020-04-01
- Description: Reports when a number of 5xxErrors is high
- Prerequisite: Make sure the MetricsConfiguration attribute is set with the Id for the bucket (see the <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-metricsconfigurations" target="_blank">docs</a>).
Example :
```
TargetS3Bucket:
Type: AWS::S3::Bucket
Properties:
...
MetricsConfigurations:
-
Id: "${S3BucketName}-metrics"
```
where ${S3BucketName} is the value of the target bucket.
- Relevant Resource Ids: riksdagsmonitor-artifactbucket-2weuaw1rh2ad
- AWSResilienceHub-S3TotalRequestLatencyAlarm_2020-04-01
- Description: Reports when a number of TotalRequestLatency is is high
- Prerequisite: Make sure the MetricsConfiguration attribute is set with the Id for the bucket (see <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-metricsconfigurations" target="_blank">docs</a>).
Example :
```
TargetS3Bucket:
Type: AWS::S3::Bucket
Properties:
...
MetricsConfigurations:
-
Id: "${S3BucketName}-metrics"
```
where ${S3BucketName} is the value of the target bucket.
- Relevant Resource Ids: riksdagsmonitor-artifactbucket-2weuaw1rh2ad
- AWSResilienceHub-S35xxErrorsAlarm_2020-04-01
- Description: Reports when a number of 5xxErrors is high
- Prerequisite: Make sure the MetricsConfiguration attribute is set with the Id for the bucket (see the <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-metricsconfigurations" target="_blank">docs</a>).
Example :
```
TargetS3Bucket:
Type: AWS::S3::Bucket
Properties:
...
MetricsConfigurations:
-
Id: "${S3BucketName}-metrics"
```
where ${S3BucketName} is the value of the target bucket.
- Relevant Resource Ids: riksdagsmonitor-logsbucket-1mcp1y1l1wbi6
- AWSResilienceHub-S3TotalRequestLatencyAlarm_2020-04-01
- Description: Reports when a number of TotalRequestLatency is is high
- Prerequisite: Make sure the MetricsConfiguration attribute is set with the Id for the bucket (see <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-metricsconfigurations" target="_blank">docs</a>).
Example :
```
TargetS3Bucket:
Type: AWS::S3::Bucket
Properties:
...
MetricsConfigurations:
-
Id: "${S3BucketName}-metrics"
```
where ${S3BucketName} is the value of the target bucket.
- Relevant Resource Ids: riksdagsmonitor-logsbucket-1mcp1y1l1wbi6
The following was generated to be added to your application.
## compute recommendations:
### Sops:
- AWSResilienceHub-ScaleUpAsgSOP_2020-07-01
- Description: SOP by AWS ResilienceHub. Scale-up ASG by modifying ASG to use larger instances.
- Relevant Resource Ids: riksdagsmonitor-WebServerFleet-1IX1MMPQZF3AY
- AWSResilienceHub-ScaleOutAsgSOP_2020-07-01
- Description: SOP by AWS ResilienceHub. Manually force an ASG to scale out, increase the number of instances.
- Relevant Resource Ids: riksdagsmonitor-WebServerFleet-1IX1MMPQZF3AY
---
## rds recommendations:
### Sops:
- AWSResilienceHub-RestoreFromRdsBackupSOP_2020-04-01
- Description: SOP by AWS ResilienceHub to restore an RDS DB from backup
- Relevant Resource Ids: rotation-instance
---
## s3 recommendations:
### Sops:
- AWSResilienceHub-RestoreS3ObjectToPreviousVersionSOP_2020-09-21
- Description: Used to restore an S3 object into previous version
- Relevant Resource Ids: riksdagsmonitor-artifactbucket-2weuaw1rh2ad
- AWSResilienceHub-RestoreS3ObjectToPreviousVersionSOP_2020-09-21
- Description: Used to restore an S3 object into previous version
- Relevant Resource Ids: riksdagsmonitor-logsbucket-1mcp1y1l1wbi6