Stats
Actions
Tags
From dx-automation
Create CloudWatch alarms and SNS subscription for AI automation monitoring. Creates 4 alarms (DLQ depth, WI-Router errors, PR-Router errors, throttles) and subscribes an email address to alerts. Reads config from .ai/automation/infra.json.
How this skill is triggered — by the user, by Claude, or both
Slash command
/dx-automation:auto-alarmsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
You create CloudWatch alarms and subscribe an email address to alerts. Wraps `lambda/cloudwatch/setup-alarms.sh` with audit logging.
You create CloudWatch alarms and subscribe an email address to alerts. Wraps lambda/cloudwatch/setup-alarms.sh with audit logging.
Read .ai/automation/infra.json. Check automationProfile:
consumer (or legacy pr-only/pr-delegation): "This repo uses the consumer profile — CloudWatch alarms are managed by the hub project. Do NOT configure alarms from this repo." STOP.source .ai/lib/audit.sh
export AUDIT_LOG_PREFIX=infra
Confirm monitoring config from infra.json:
monitoring.snsTopic.name — SNS topic name (<prefix>-alerts)regionIf user passed --email <address>, use it. Otherwise ask:
Alert email address? CloudWatch alarms will notify this email for DLQ depth, Lambda errors, and throttles. You'll need to confirm the subscription in your email.
cd .ai/automation
bash lambda/cloudwatch/setup-alarms.sh --email "<email>"
The script:
<prefix>-alerts (idempotent)lambda/cloudwatch/alarms.json, prefixes with resource prefix from infra.json)Report the script's output.
After the script runs, the SNS topic ARN is returned. Update infra.json:
monitoring.snsTopic.arn → the created/retrieved ARN## CloudWatch Monitoring Configured
**SNS topic:** <prefix>-alerts
**Alert email:** <email> (confirm subscription in your inbox)
| Alarm | Trigger | Severity |
|-------|---------|----------|
| <prefix>-dlq-depth | DLQ > 5 messages | Warning |
| <prefix>-lambda-errors-wi-router | WI-Router Lambda errors > 3/hour | Critical |
| <prefix>-lambda-errors-pr-router | PR-Router Lambda errors > 3/hour | Critical |
| <prefix>-lambda-throttles | Any Lambda throttled | Warning |
**infra.json** updated with SNS ARN.
**Audit log:** `.ai/logs/infra.<week>.jsonl`
### Next step
`/auto-test --dryRun` — Verify end-to-end (local dry run)
### Operational commands
- `/auto-status` — Current DLQ depth, token budget, rate limits
- `/auto-doctor` — Full health check
- See `docs/runbook.md` for alert response procedures
infra.json updated with SNS topic ARN/auto-alarms — Reads infra.json for resource prefix and SNS topic ARN. Creates 4 CloudWatch alarms: DLQ depth > 0, WI-Router errors > 5/min, PR-Router errors > 5/min, Lambda throttles > 0. Subscribes the configured email to the SNS topic. Reminds user to confirm the SNS subscription via email.
/auto-alarms [email protected] — Creates all 4 alarms and subscribes [email protected] to the SNS alert topic. Reports each alarm name and threshold. Prints reminder to check inbox for subscription confirmation.
/auto-alarms (re-run, alarms exist) — put-metric-alarm is idempotent — overwrites existing alarms with current thresholds. SNS create-topic returns the existing topic ARN. subscribe is also idempotent if the email is already subscribed. Reports all alarms as configured.
"SNS subscription confirmation not received"
Cause: The confirmation email may have gone to spam, or the email address was incorrect.
Fix: Check the spam folder. If not found, re-run /auto-alarms with the correct email — SNS will resend the confirmation. The subscription won't be active until confirmed.
Alarms not triggering despite errors
Cause: The alarm metric namespace or dimensions don't match the Lambda function names.
Fix: Verify that the function names in infra.json match the actual Lambda function names in AWS. The alarms use FunctionName dimension to filter metrics.
"Access denied" when creating alarms
Cause: The AWS credentials lack CloudWatch or SNS permissions.
Fix: Ensure the IAM user has cloudwatch:PutMetricAlarm, sns:CreateTopic, and sns:Subscribe permissions.
aws_resource wrappernpx claudepluginhub easingthemes/dx-aem-flow --plugin dx-automationProvides AWS CloudFormation templates for CloudWatch metrics, alarms, dashboards, log groups, anomaly detection, synthesized canaries, and Application Signals for production infrastructure monitoring.
Creates alerting rules for Prometheus, Grafana, and PagerDuty with thresholds, routing, escalation, and runbooks. Useful for performance monitoring setup and refinement.
Sets up observability for deployed infrastructure with structured logging, metrics collection, and health-check alerting. Recommends cloud-provider stack and generates IaC.