Managing notifications across your organization with AWS User Notifications
By default, you can use User Notifications to configure and view notifications for a single AWS account. If you use AWS Organizations, you can also configure and view notifications centrally across your organization. This provides access to the same information as single account operations. You can configure and view notifications about accounts included in specific organizational units (OUs) or all accounts in an organization.
You can create Notification Configurations to filter events across accounts in your organization. When an event from any member account matches the event rules, User Notifications generates a notification in the management account.
We recommend using a delegated administrator to give a member account access to manage notifications across accounts through the Organizations integration. This allows you to keep your management account restricted while providing members with the visibility they need.
Important
User Notifications doesn't record events that occurred before you enabled trusted access to AWS Organizations. For example, if a member account (111122223333) in your organization received an EC2 event before you enabled this feature, this event won't generate a notification in the management account.
Notification configurations automatically update as you add or remove accounts from your organization. You don't need to update existing configurations when organization membership changes.
Notifications for accounts in your organization appear in User Notifications for up to 90 days, even if accounts leave your organization.
Events that occurred before accounts joined the organization or before you configured notifications won't generate notifications.
Prerequisites
Before enabling AWS Organizations in User Notifications, you must:
- Be part of an organization with all features enabled
- Sign in to the management account as an IAM user or assume an IAM role
Configuring notifications for your organization
Configuring notifications about events across your organization is available to all management accounts and delegated administrators that enable trusted access with AWS Organizations. You can create notification configurations for the organization or OUs, filtered for specific events. For example, Health events where TypeCategory = scheduledChange and service = EC2.
To receive notifications across accounts, create notification configurations for the organization or OUs. A notification configuration contains the services and event rules you want notifications for. An event rule specifies which events generate notifications in the AWS Management Console and which delivery channels to use.
Important
Configuring notifications for organization accounts creates read-only notification configurations in member accounts. These configurations don't generate notifications in member accounts; only the management account receives organization notifications. To configure notifications for a member account, see Step 1: Creating a notification configuration.
To create a notification configuration for your organization
- Open User Notifications in the AWS Management Console:
  - Choose the bell icon in the top navigation bar.
  - Choose Notification center.
  - In the navigation pane, choose Notification configurations.
  - Choose Create notification configuration.
  - Select at least one notification hub.
- Add a name and description:
  - Enter a name for your configuration.
  - (Optional) Enter a description for your configuration.
- Select the OUs you're notified about. You can only select your organization or OUs, not individual accounts. To select individual accounts, use the advanced filter.
  Note
  This only generates notifications in the management or delegated administrator accounts about relevant member accounts.
- Create an Event Rule:
  - For AWS service name, select the name of an AWS service to use as the event source.
  - For Event type, select event types.
  - For Regions, select the AWS Regions where your service data is located.
  Note
  You can filter event rules further by using the code editor under Advanced filter (optional). The Advanced filter doesn't currently support wildcards. To view examples of Event Patterns that you can use, see Filtering event rules using customized JSON event patterns in AWS User Notifications.
- Define aggregation settings:
  Tip
  Aggregation settings reduce the number of notifications that you receive by combining multiple events into fewer notifications based on the option you choose. Aggregation settings are turned on by default. We recommend you use aggregation settings.
  - Choose if you would like to Receive within 5 minutes (recommended), Receive within 12 hours, or Do not aggregate.
  Tip
  Choose Receive fewer notifications for low priority notifications. Choose Reduce notifications delivery time for high priority notifications.
- (Optional) Add delivery channels:
  - Select your delivery channels. We recommend that you view an event before adding additional recipients.
- (Optional) Manage tags:
  Tip
  A tag is a label that you assign to an AWS resource. Tags help you organize your resources. For more information, see Tagging your resources.
  - For Key, enter the key name you want to use.
  - (Optional) For Value, enter a value for the specified key.
  - (Optional) Choose Add new tag to add more tags.
- Review your configuration and confirm its details.
- Choose Create notification configuration.
Tip
To edit or delete notification configurations, see Notification configurations in AWS User Notifications.
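
The Health filter mentioned above (TypeCategory = scheduledChange, service = EC2), narrowed to one member account and checked for wildcards before it is pasted into the Advanced filter. This is an added example, not AWS code: the field names follow the EventBridge format for AWS Health events, matching on the top-level `account` field is an assumption about how the filter selects individual accounts, and account 444455556666 and the sample events are constructed.

```python
import json

# Event pattern in EventBridge syntax: each listed field must equal one of the values.
# Assumption: the Advanced filter is evaluated against the standard event envelope.
PATTERN = json.loads("""
{
  "source": ["aws.health"],
  "detail-type": ["AWS Health Event"],
  "account": ["111122223333"],
  "detail": {"service": ["EC2"], "eventTypeCategory": ["scheduledChange"]}
}
""")

def find_wildcards(pattern, path=""):
    """Return the paths whose values use a wildcard operator or a '*' glob."""
    bad = []
    for key, value in pattern.items():
        here = f"{path}.{key}" if path else key
        if isinstance(value, dict):
            bad += find_wildcards(value, here)
            continue
        for v in value:
            if (isinstance(v, dict) and "wildcard" in v) or (isinstance(v, str) and "*" in v):
                bad.append(here)
    return bad

def matches(pattern, event):
    """Exact-match evaluation only: every pattern field must be present and equal."""
    for key, value in pattern.items():
        if key not in event:
            return False
        if isinstance(value, dict):
            if not isinstance(event[key], dict) or not matches(value, event[key]):
                return False
        elif event[key] not in value:
            return False
    return True

def health_event(account, service, category):
    """Constructed sample event, trimmed to the fields the pattern inspects."""
    return {"source": "aws.health", "detail-type": "AWS Health Event", "account": account,
            "detail": {"service": service, "eventTypeCategory": category}}

SAMPLES = [health_event("111122223333", "EC2", "scheduledChange"),
           health_event("111122223333", "EC2", "issue"),
           health_event("444455556666", "EC2", "scheduledChange"),
           health_event("111122223333", "RDS", "scheduledChange")]

if __name__ == "__main__":
    print("wildcards:", find_wildcards(PATTERN))
    for e in SAMPLES:
        print(e["account"], e["detail"], "->", matches(PATTERN, e))
```

Only the first sample matches; the other three differ in category, account, or service, which shows how narrow an exact-match filter is when wildcards are unavailable.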