Re-enable alerting after Lambda URL migration (#194)

devksingh4 · web-flow · commit e6fc1d920beb · 2025-07-05T18:45:52.000-05:00
diff --git a/cloudformation/alerting.yml b/cloudformation/alerting.yml
@@ -0,0 +1,113 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: Stack Alarms
+Transform: AWS::Serverless-2016-10-31
+
+Parameters:
+  AlertSNSArn:
+    Description: SNS Queue to send general alarm alerts to
+    Type: String
+  PriorityAlertSNSArn:
+    Description: SNS Queue to send priority alarm alerts to
+    Type: String
+  ApplicationPrefix:
+    Type: String
+    Description: Application prefix, no ending dash
+    AllowedPattern: ^[a-zA-Z0-9]+[a-zA-Z0-9-]+[a-zA-Z0-9]+$
+  ApplicationFriendlyName:
+    Type: String
+    Description: Application friendly name that will be used in resource descriptions
+  MainCloudfrontDistributionId:
+    Type: String
+    Description: Cloudfront Distribution ID that serves main API endpoints.
+
+
+Resources:
+  AppDLQMessagesAlarm:
+    Type: "AWS::CloudWatch::Alarm"
+    Properties:
+      AlarmName: !Sub ${ApplicationPrefix}-sqs-dlq
+      AlarmDescription: "Items are present in the application DLQ, meaning some messages failed to process."
+      Namespace: "AWS/SQS"
+      MetricName: "ApproximateNumberOfMessagesVisible"
+      Statistic: "Maximum"
+      Period: 60
+      EvaluationPeriods: 1
+      ComparisonOperator: "GreaterThanThreshold"
+      Threshold: 0
+      Dimensions:
+        - Name: QueueName
+          Value: !Sub ${ApplicationPrefix}-sqs-dlq
+      AlarmActions:
+        - !Ref PriorityAlertSNSArn
+
+  AppLatencyAlarm:
+    Type: "AWS::CloudWatch::Alarm"
+    Properties:
+      AlarmName: !Sub ${ApplicationPrefix}-latency-high
+      AlarmDescription: "Trailing Mean - 95% API gateway latency is > 1.25s for 2 times in 4 minutes."
+      Namespace: "AWS/Lambda"
+      MetricName: "UrlRequestLatency"
+      ExtendedStatistic: "tm95"
+      Period: "120"
+      EvaluationPeriods: "2"
+      ComparisonOperator: "GreaterThanThreshold"
+      Threshold: "1250"
+      AlarmActions:
+        - !Ref AlertSNSArn
+      Dimensions:
+        - Name: "FunctionName"
+          Value: !Sub ${ApplicationPrefix}-lambda
+
+  AppNoRequestsAlarm:
+    Type: "AWS::CloudWatch::Alarm"
+    Properties:
+      AlarmName: !Sub ${ApplicationPrefix}-no-requests
+      AlarmDescription: "No requests have been received in the past 5 minutes."
+      Namespace: "AWS/Lambda"
+      MetricName: "UrlRequestCount"
+      Statistic: "Sum"
+      Period: "300"
+      EvaluationPeriods: "1"
+      ComparisonOperator: "LessThanThreshold"
+      Threshold: "1"
+      AlarmActions:
+        - !Ref PriorityAlertSNSArn
+      Dimensions:
+        - Name: "FunctionName"
+          Value: !Sub ${ApplicationPrefix}-lambda
+
+  AppInvocationErrorAlarm:
+    Type: "AWS::CloudWatch::Alarm"
+    Properties:
+      AlarmName: !Sub ${ApplicationPrefix}-error-invocation
+      AlarmDescription: "Lambda threw an error, meaning the Fastify application itself has encountered an error"
+      Namespace: "AWS/Lambda"
+      MetricName: "Errors"
+      Statistic: "Sum"
+      Period: "300"
+      EvaluationPeriods: "1"
+      ComparisonOperator: "GreaterThanThreshold"
+      Threshold: "1"
+      AlarmActions:
+        - !Ref PriorityAlertSNSArn
+      Dimensions:
+        - Name: "FunctionName"
+          Value: !Sub ${ApplicationPrefix}-lambda
+
+  App5xxErrorAlarm:
+    Type: "AWS::CloudWatch::Alarm"
+    Properties:
+      AlarmName: !Sub ${ApplicationPrefix}-cloudfront-5xx-error
+      AlarmDescription: "Main application responses are more than 1% 5xx errors (from Cloudfront)"
+      Namespace: "AWS/CloudFront"
+      MetricName: "5xxErrorRate"
+      Statistic: "Average"
+      Period: "300"
+      EvaluationPeriods: "1"
+      ComparisonOperator: "GreaterThanThreshold"
+      Threshold: "1"
+      AlarmActions:
+        - !Ref PriorityAlertSNSArn
+      Dimensions:
+        - Name: "DistributionId"
+          Value: !Ref MainCloudfrontDistributionId
diff --git a/cloudformation/main.yml b/cloudformation/main.yml
@@ -107,6 +107,18 @@ Resources:
         QueueName: !Sub ${ApplicationPrefix}-sqs
         MessageTimeout: !Ref SqsMessageTimeout
 
+  AppAlarms:
+    Condition: IsProd
+    Type: AWS::Serverless::Application
+    Properties:
+      Location: ./alerting.yml
+      Parameters:
+        AlertSNSArn: !Ref AlertSNSArn
+        PriorityAlertSNSArn: !Ref PriorityAlertSNSArn
+        ApplicationPrefix: !Ref ApplicationPrefix
+        ApplicationFriendlyName: !Ref ApplicationFriendlyName
+        MainCloudfrontDistributionId: !GetAtt AppFrontendCloudfrontDistribution.Id
+
   LinkryRecordSetv4:
     Condition: IsDev
     Type: AWS::Route53::RecordSet
@@ -602,26 +614,6 @@ Resources:
         AttributeName: "expireAt"
         Enabled: true
 
-
-  AppDLQMessagesAlarm:
-    Type: "AWS::CloudWatch::Alarm"
-    Condition: IsProd
-    Properties:
-      AlarmName: !Sub ${ApplicationPrefix}-sqs-dlq
-      AlarmDescription: "Items are present in the application DLQ, meaning some messages failed to process."
-      Namespace: "AWS/SQS"
-      MetricName: "ApproximateNumberOfMessagesVisible"
-      Statistic: "Maximum"
-      Period: 60
-      EvaluationPeriods: 1
-      ComparisonOperator: "GreaterThanThreshold"
-      Threshold: 0
-      Dimensions:
-        - Name: QueueName
-          Value: !Sub ${ApplicationPrefix}-sqs-dlq
-      AlarmActions:
-        - !Ref PriorityAlertSNSArn
-
   AppFrontendS3Bucket:
     Type: AWS::S3::Bucket
     Properties:
