This topic describes how to use EventBridge to send the events that are delivered to Simple Message Queue (formerly MNS) to DingTalk.
Prerequisites
EventBridge is activated. For more information, see Activate EventBridge and grant permissions to a RAM user.
SMQ is activated. For more information, see Activate SMQ and authorize RAM users to access SMQ.
Fees are generated when you use SMQ topics and queues. For more information, see Billing.
Background information
You can deliver Cloud Config events to the following channels: Simple Log Service, Object Storage Service (OSS), and SMQ. You can use the event processing and delivery features provided by EventBridge to deliver evaluation events to other channels in a specified format. For example, you can deliver configuration changes or non-compliance events of resources to DingTalk, Message Queue, Function Compute, Short Message Service, or Alibaba Mail. In this topic, a resource non-compliance event is delivered. An EventBridge event flow is used to convert the detected non-compliant resource into an event and send the event to DingTalk in the specified format.
Step 1: Create an SMQ topic and queue
Create an SMQ topic.
For more information, see Create a topic.
Create an SMQ queue.
For more information, see Create a queue.
Create a subscription for the SMQ topic. This way, the messages that are sent to the topic are pushed to the queue that subscribes to the topic.
For more information, see Create and use subscriptions.
If you have already created an SMQ topic and a queue, skip this step.
Step 2: Configure settings to deliver events to SMQ
Create a rule of Cloud Config.
For more information, see Create a rule based on a managed rule or Create a custom rule based on Function Compute.
Configure the settings to deliver events to SMQ.
For more information, see Deliver resource data to an MNS topic.
If you have created a rule in Cloud Config and configured data delivery to SMQ, skip this step.
Step 3: Create an EventBridge event bus and configure event delivery
Log on to the EventBridge console.
In the left-side navigation pane, click Event Buses.
In the top navigation pane, select a region.
In the Custom Event Buses section, click Quickly Create.
In the Create Custom Event Bus panel, configure the parameters.
In the Event Bus step, enter the name of the custom event bus and description, and then click Next Step.
In the Event Source step, configure the following parameters and click Next Step.
Specify Event Source Name. In this example, enter
noncompliant.event.Select Message Service (MNS) from the Event Provider drop-down list.
Select a value from the Queue Name drop-down list.
Select Enable Base64 Decoding.
In the Event Rule step, configure the following parameters and click Next Step.
Specify Event Rule Name. In this example, enter
noncompliant-resource-rule.Configure the pattern content of the event bus to filter out irrelevant events.
The following pattern content indicates that only events with the name noncompliant.event are delivered to the destination event. For more information, see Event patterns.
{ "source": [ "noncompliant.event" ] }
In the Event Target step, configure the following parameters and click Create.
Select DingTalk acs.dingtalk from the Service Type drop-down list.
Specify the Address and Secret Key parameters for the DingTalk group.
Configure the Pushed Content parameter.
Configure a template to convert events and push the events to the destination event. The following parameters and template indicate that the resource Alibaba Cloud Resource Name (ARN) and rule name are parsed from non-compliance events and pushed to DingTalk. For more information, see Event transformation.
/**Variables**/ { "resourceArn": "$.data.messageBody.evaluationResultIdentifier.evaluationResultQualifier.resourceArn", "configRuleName": "$.data.messageBody.evaluationResultIdentifier.evaluationResultQualifier.configRuleName" }/**Template**/ { "msgtype": "text", "text": { "content": "Resource non-compliance notification: Resource: ${resourceArn}. Rule name: ${configRuleName}" } }
Step 4: Verify the result
Log on to the Cloud Config console.
In the left-side navigation pane, choose .
On the Rules page, find the desired rule, click the
icon in the Actions column, and then click Re-evaluate. Go to the DingTalk group that you configured in Step 3 and view chatbot notifications.
If the DingTalk group has resource non-compliance notifications, the configurations are complete.
FAQ
Can I set the SMQ topic that is used when I configure event delivery to SMQ as the event source of the event bus?
No. EventBridge event buses can use only SMQ queues as event sources. You can configure a queue for the SMQ topic and use the queue as the SMQ event source.
I have configured an EventBridge event flow and manually execute evaluation in the Cloud Config console. Why does the DingTalk group fail to receive notifications?
If no non-compliant resource exists, the DingTalk group fails to receive notifications. To resolve this issue, perform the following steps to troubleshoot the issue in the Cloud Config console to ensure that non-compliant resource exists:
Log on to the Cloud Config console.
In the left-side navigation pane, choose Compliance & Audit > Rules.
View the evaluation results of the rules to ensure that no non-compliant resource exists.
Perform the following steps to troubleshoot the issue in the EventBridge console to ensure that the event is delivered:
Log on to the EventBridge console.
In the left-side navigation pane, click Event Buses.
On the Event Buses page, find the desired event bus and click Event Tracking in the Actions column.
Query events by time range and ensure that data exists in the event source.
Find the desired event and click Event Trace in the Actions column.
In the Event Trace dialog box, make sure that the event is delivered.
What do I do if EventBridge events fail to be delivered?
If the error message
[500]java.lang.RuntimeExceptionjava.lang.RuntimeExceptionjava.lang.RuntimeException is missing parameter JSONappears, perform the following steps:Make sure that the key-value pair of the
$.dataobject of the event content does not contain quotation marks. Otherwise, after the variable is replaced, the original JSON string is truncated by the quotation marks and becomes invalid. You can use the escape tooljsonEscapeprovided by the system to modify the configuration of the rule template. In the following example, the value of the variableconfigRuleNamecontains quotation marks, andjsonEscapeis used as an escape character in the template./**Variables**/ { "resourceArn": "$.data.messageBody.evaluationResultIdentifier.evaluationResultQualifier.resourceArn", "configRuleName": "$.data.messageBody.evaluationResultIdentifier.evaluationResultQualifier.configRuleName" }/**Template**/ { "msgtype": "text", "text": { "content": "Resource non-compliance notification: Resource: ${resourceArn}. Rule name: ${jsonEscape(configRuleName)}" } }If the error message
[500]java.lang.RuntimeExceptionjava.lang.RuntimeExceptionjava.lang.RuntimeExceptionsendtoofast,exceed20timesperminuteappears, perform the following steps to troubleshoot the issue:DingTalk limits the frequency at which custom chatbots can send messages. Each chatbot can send a maximum of 20 messages to a DingTalk group chat per minute. If the number of DingTalk messages exceeds 20, throttling is enabled for 10 minutes. If a large number of messages are sent after alerts are triggered, such as system monitoring alerts, you can integrate these messages and use Markdown to send them to DingTalk group chats in the form of summaries.
