Amazon Web Services

The Message Bus Probe can be configured to obtain events from Amazon Web Services. The integration requires the following items to be installed on the probe's server:
The following configuration files are supplied with the probe for the integration:
  • aws_NHttp_MsgBusProbe.pl
  • aws_create_MsgBusTools.sql
  • aws_remove_MsgBusTools.sql
  • awsWebhookTransport.properties
  • message_bus_aws.props
  • message_bus_aws.rules
  • message_bus_aws.json
Note: On UNIX, make aws_NHttp_MsgBusProbe.pl an executable file using the command chmod +x <filename>.
To enable the Message Bus Probe to receive notifications from AWS using the Webhook transport, use the following steps:
  1. Update the following property in the awsWebhookTransport.properties file:
    webhookURI=/probe/aws
    Note: The value set for webhookURI must be consistent with the message endpoint configured on AWS.
  2. Set the following properties in the message_bus_aws.props file:
    
    .
    .
    .
    Server                           : '<YOUR_OBJECT_SERVER>'
    JsonParserName                   : 'AWS'
    TransformerFile                   : '${OMNIHOME}/probes/<platform>/message_bus_aws.json'
    RulesFile                         : '$OMNIHOME/probes/<platform>/message_bus_aws.rules'
    
    Host                             : '<probe_server_IP>'
    Port                             : <probe_server_port>
    TransportFile                    : '${OMNIHOME}/java/conf/awsWebhookTransport.properties'
    TransportType                    : 'Webhook'
    
    EnableSSL                        : 'true'
    KeyStore                         : '<PATH_TO_YOUR_KEYSTORE_FILE>.jks'
    KeyStorePassword                 : '<YOUR_KEYSTORE_PASSWORD>'
    
    NHttpd.EnableHTTP               : TRUE
    NHttpd.ExpireTimeout            : 30
    NHttpd.ListeningPort            : 8899   
                               # <this is an example; other available ports can be used>
    .
    .
    .
  3. Create MessageBus probe tools for AWS:

    $OMNIHOME/bin/nco_sql -user user -password password < aws_create_MsgBusTools.sql

    The command performs the following steps:
    1. Adds two columns to the alerts.status table: AWSTargetConfirmation, AWSAutoConfirm.
    2. Creates a trigger group aws_triggers holding aws_target_confirmation and aws_process_target_status.
  4. The forwarding of AWS notifications requires confirmation of SubscribeURL. Before running the probe, decide the option for the AWS target confirmation: auto or manual.
    1. Edit message_bus_aws.rules under the section:

      if (match( $(json.Type), "SubscriptionConfirmation" ))

    2. Amend the @AWSAutoConfirm assignment with 1 for auto, 0 for manual.

    The act of confirmation is achieved by sending an HTTP command to the AWS’s SubscribeURL or opening the SubscribeURL using a web browser.

    Auto confirmation method:

    This involves message_bus_aws.rules and the two triggers: aws_target_confirmation and aws_process_target_status.

    Right after where the SubscriptionConfirmation message is inserted at the ObjectServer, the trigger will invoke the aws_NHttp_MsgBusProbe.pl script to send a GET command to the SubscribeURL, and feedback the HTTP response to the probe rules file for status update.

    Manual confirmation method:

    Copy the SubscribeURL from the ExtendedAttr field to a web browser, and open the page.

  5. Go to the AWS system and configure the notification destination (subscribe the probe’s webhook).

    During this time the probe must be alive so that the SubscriptionConfirmation message can reach the ObjectServer through the probe.

    To run the PA daemon, use the following command:

    $OMNIHOME/bin/nco_pad -name NCO_PA -configfile $OMNIHOME/etc/nco_pa.conf -admingroup root

    To check the PA status, use the following command:

    $OMNIHOME/bin/nco_pa_status -server NCO_PA -user <unix_root> -password <unix_root_password>

  6. In the Event List, the SubscriptionConfirmation message appears as an event with the Summary starting AWS Subscription… followed by a brief description of the confirmation state. The SubscribeURL string is stored in the ExtendedAttr field.
    Note: SubscribeURL can comprise a few hundred characters, hence the use of ExtendedAttr (length: 4096) as its storage.
  7. If the SubscriptionConfirmation message Summary indicates that the URL has not yet been successfully confirmed (regardless of the message being fresh or auto-confirmation attempt having failed), use the manual method.
  8. After SubscribeURL confirmation, verify that the probe can receive AWS notifications.
  9. You can choose to keep or to delete the SubscriptionConfirmation message in the ObjectServer after the integration with AWS is established.
  10. To stop AWS sending notifications to the probe, unsubscribe the probe’s webhook in AWS.

    The probe will receive an UnsubscribeConfirmation message.