From cf01ee5a62f1af30081bc77757adfdf323c994ba Mon Sep 17 00:00:00 2001
From: Hiroshi Nishio <4620828+hiroshinishio@users.noreply.github.com>
Date: Tue, 9 Jul 2024 19:07:52 +0900
Subject: [PATCH] Update CloudFormation template to add Lambda error monitoring
 with CloudWatch and SNS notifications.

---
 .github/workflows/deployment.yml |  3 ++-
 cloudformation.yml               | 36 ++++++++++++++++++++++++++++++++
 main.py                          |  2 +-
 3 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
index 627e0983..cc6cdb56 100644
--- a/.github/workflows/deployment.yml
+++ b/.github/workflows/deployment.yml
@@ -33,6 +33,7 @@ jobs:
         run: |
           {
             echo "ECR_REGISTRY=${{ steps.login-ecr.outputs.registry }}"
+            echo "EMAIL=${{ secrets.EMAIL }}"
             echo "IMAGE_TAG=${{ github.sha }}"
             if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
               echo "ECR_REPOSITORY=${{ secrets.PROD_LAMBDA_NAME }}"
@@ -65,7 +66,7 @@ jobs:
           aws cloudformation deploy \
           --stack-name ScheduleStack \
           --template-file cloudformation.yml \
-          --parameter-overrides LambdaFunctionName=$LAMBDA_NAME LambdaFunctionArn=$LAMBDA_ARN \
+          --parameter-overrides LambdaFunctionName=$LAMBDA_NAME LambdaFunctionArn=$LAMBDA_ARN Email=$EMAIL \
           --capabilities CAPABILITY_NAMED_IAM
   
       - name: Notify Slack of deployment status
diff --git a/cloudformation.yml b/cloudformation.yml
index 8b6362de..cf25ea3b 100644
--- a/cloudformation.yml
+++ b/cloudformation.yml
@@ -2,6 +2,9 @@ AWSTemplateFormatVersion: '2010-09-09'
 Description: 'CloudFormation template to schedule a Lambda function using AWS EventBridge (formerly CloudWatch Events)'
 
 Parameters:
+  Email:
+    Type: String
+    Description: Email address to receive notifications
   LambdaFunctionName:
     Type: String
     Description: Name of the Lambda function to trigger
@@ -34,3 +37,36 @@ Resources:
       Action: lambda:InvokeFunction
       Principal: events.amazonaws.com
       SourceArn: !GetAtt SchedulerEventRule.Arn
+
+  # SNS Topic for sending notifications
+  ErrorNotificationTopic:
+    Type: AWS::SNS::Topic
+    Properties:
+      TopicName: LambdaErrorNotificationTopic
+
+  # SNS Subscription to send notifications to an email
+  ErrorNotificationSubscription:
+    Type: AWS::SNS::Subscription
+    Properties:
+      TopicArn: !Ref ErrorNotificationTopic
+      Protocol: email
+      Endpoint: !Ref Email
+
+  # CloudWatch Alarm for Lambda function errors
+  LambdaErrorAlarm:
+    Type: AWS::CloudWatch::Alarm
+    Properties:
+      AlarmName: LambdaFunctionErrorAlarm
+      AlarmDescription: Alarm for Lambda function errors
+      MetricName: Errors
+      Namespace: AWS/Lambda
+      Statistic: Sum  # Total number of errors in each period
+      Period: 300  # in seconds
+      EvaluationPeriods: 1
+      Threshold: 1
+      ComparisonOperator: GreaterThanOrEqualToThreshold
+      AlarmActions:
+        - !Ref ErrorNotificationTopic
+      Dimensions:
+        - Name: FunctionName
+          Value: !Ref LambdaFunctionName
diff --git a/main.py b/main.py
index 48a37753..ebc7d3cd 100644
--- a/main.py
+++ b/main.py
@@ -17,7 +17,7 @@
 
 if ENV != "local":
     sentry_sdk.init(
-        dsn="https://b7ca4effebf7d7825b6464eade11734f@o4506827828101120.ingest.us.sentry.io/4506865231200256",  # noqa
+        dsn="https://b7ca4effebf7d7825b6464eade11734f@o4506827828101120.ingest.us.sentry.io/4506865231200256",
         environment=ENV,
         integrations=[AwsLambdaIntegration()],
         traces_sample_rate=1.0,