Writing a canary script

The following sections explain how to write a canary script and how to integrate a canary with other AWS services and with external dependencies and libraries.

Topics

• Writing a Node.js canary script
• Writing a Python canary script
• Changing an existing Selenium script to use a Synthetics canary
• Changing an existing Puppeteer Synthetics script to authenticate non-standard certificates

Changing an existing Selenium script to use a Synthetics canary

You can quickly modify an existing script for Python and Selenium to be used as a canary. For more information about Selenium, see www.selenium.dev/.

For this example, we'll start with the following Selenium script:

from selenium import webdriver

def basic_selenium_script():
    browser = webdriver.Chrome()
    browser.get('https://example.com')
    browser.save_screenshot('loaded.png')

basic_selenium_script()

The conversion steps are as follows.

To convert a Selenium script to be used as a canary

1. Change the import statement to use Selenium from the aws_synthetics module:

   from aws_synthetics.selenium import synthetics_webdriver as webdriver

   The Selenium module from aws_synthetics ensures that the canary can emit metrics and logs, generate a HAR file, and work with other CloudWatch Synthetics features.

2. Create a handler function and call your Selenium method. The handler is the entry point function for the script.

   If you are using syn-python-selenium-1.0, the handler function must be named handler. If you are using syn-python-selenium-1.1 or later, the function can have any name, but it must be the same name that is used in the script. Also, if you are using syn-python-selenium-1.1 or later, you can store your scripts under any folder and specify that folder as part of the handler name.

   def handler(event, context):
       basic_selenium_script()

The script is now updated to be a CloudWatch Synthetics canary. Here is the updated script:

from aws_synthetics.selenium import synthetics_webdriver as webdriver

def basic_selenium_script():
    browser = webdriver.Chrome()
    browser.get('https://example.com')
    browser.save_screenshot('loaded.png')

def handler(event, context):
    basic_selenium_script()

Changing an existing Puppeteer Synthetics script to authenticate non-standard certificates

One important use case for Synthetics canaries is for you to monitor your own endpoints. If you want to monitor an endpoint that isn't ready for external traffic, this monitoring can sometimes mean that you don't have a proper certificate signed by a trusted third-party certificate authority.

Two possible solutions to this scenario are as follows:

• To authenticate a client certificate, see How to validate authentication using Amazon CloudWatch Synthetics – Part 2.

• To authenticate a self-signed certificate, see How to validate authentication with self-signed certificates in Amazon CloudWatch Synthetics

You are not limited to these two options when you use CloudWatch Synthetics canaries. You can extend these features and add your business logic by extending the canary code.

Note

Synthetics canaries running on Python runtimes innately have the --ignore-certificate-errors flag enabled, so those canaries shouldn't have any issues reaching sites with non-standard certificate configurations.