Configure AWS SNS for CSM

Simple Notification Service (SNS) sends messages to CSM webhooks to enable key features in the AWS mApp® Solution.

You need a minimum of two topics for this mApp Solution, one for each webhook in the system.

To configure AWS SNS for CSM:

  1. In the AWS console, navigate to https://console.aws.amazon.com/sns/.
  2. Update the Cherwell CMDB

  3. Webhook passwords should not correspond to any CSM logins. Instead, they are arbitrary and used for the webhook only to enhance security.

    If you have not already done so, in CSM Administrator, go to Managers > Webhook Manager and set a custom webhook username and password for the AWS webhooks that were provided with the mApp Solution.
    1. Copy the Full Endpoint from the General page of the Webhook Manager. Using the new username and password you just set for the webhook, modify the copied URL to fit the following format (replace the sample information for webhook username and password, as well as the external URL of your CSM server): https://webhookUsername:[email protected]/CherwellAPI/api/Webhooks/createawsconfigstaging
  4. To create a topic for the AWS Create Config Staging webhook, see Creating an Amazon SNS Topic. You do not need to complete any of the optional steps for the mApp Solution to work properly. In our examples, the topic was named 'update-cherwell-cmdb' and will use that for our guide.
  5. To create a subscription for the AWS Create Config Staging webhook, see Subscribing to an Amazon SNS Topic. Use the following information:
    1. Topic ARN: Select update-cherwell-cmdb.
    2. Protocol: HTTPS
    3. Endpoint: Enter the modified URL from your database.
  6. Check to make sure that your subscription has been confirmed. This should happen automatically through CSM, provided your URL and credentials are accurate.
  7. Add Events as Incidents for AWS Configuration Items

  8. Webhook passwords should not correspond to any CSM logins. Instead, they are arbitrary and used for the webhook only to enhance security.

    If you have not already done so, in CSM Administrator, go to Managers > Webhook Manager and set a custom webhook username and password for the AWS webhooks that were provided with the mApp Solution.
    1. Copy the Full Endpoint from the General page of the Webhook Manager. Using the new username and password you just set for the webhook, modify the copied URL to fit the following format; replace the sample information for webhook username and password, as well as the external URL of your CSM server. https://webhookUsername:[email protected]/CherwellAPI/api/Webhooks/createawsevent
  9. To create a topic for the AWS Event webhook, repeat the steps in Creating an Amazon SNS Topic. You do not need to complete any of the optional steps for the mApp Solution to work properly. In our examples, the topic was named 'cherwell-ci-event-incident' and we will use that for our guide.
  10. To create a subscription for the AWS Create Config Staging webhook, see Subscribing to an Amazon SNS Topic. Use the following information:
    1. Topic ARN: Select cherwell-ci-event-incident.
    2. Protocol: HTTPS.
    3. Endpoint: Enter the URL from your database.
  11. Check to make sure that your subscription has been confirmed. This should happen automatically through CSM, provided your URL and credentials are accurate.