tech-advisor / training /data /raw /configuring-capabilities-for-aws-devops-agent-invoking-devops-agent-through-webhook.md
aslanconfig's picture
Initial commit: Tech Advisor fine-tuned on AWS DevOps Agent docs
975da6d
|
Raw
History Blame Contribute Delete
2.01 kB

A newer version of the Gradio SDK is available: 6.20.0

Upgrade

Invoking DevOps Agent through Webhook

Webhooks allow external systems to automatically trigger AWS DevOps Agent investigations.

Webhook types

  • Integration-specific webhooks – Auto-generated with third-party integrations
  • Generic webhooks – Manually created, use HMAC authentication
  • Grafana alert webhooks – Through Grafana contact points

Authentication methods

HMAC authentication – Used by Dynatrace and generic webhooks Bearer token authentication – Used by Splunk, Datadog, New Relic, ServiceNow, Slack, Grafana

Consideration HMAC Bearer token
Setup complexity More complex Simpler
Payload integrity Verified Not verified
Replay protection Built-in Not built-in
Secret exposure risk Lower Higher

Webhook request format

HMAC (Version 1)

Headers: Content-Type, x-amzn-event-signature, x-amzn-event-timestamp

Bearer token (Version 2)

Headers: Content-Type, Authorization: Bearer

Payload schema

{
    "eventType": "incident",
    "incidentId": "string",
    "action": "created | updated | closed | resolved",
    "priority": "CRITICAL | HIGH | MEDIUM | LOW | MINIMAL",
    "title": "string",
    "description": "string",
    "timestamp": "string",
    "service": "string",
    "data": {}
}

Example (cURL, HMAC)

TIMESTAMP=$(date -u +%Y-%m-%dT%H:%M:%S.000Z)
PAYLOAD='{"eventType":"incident","incidentId":"test-123","action":"created","priority":"HIGH","title":"Test Alert"}'
SIGNATURE=$(echo -n "${TIMESTAMP}:${PAYLOAD}" | openssl dgst -sha256 -hmac "$SECRET" -binary | base64)
curl -X POST "$WEBHOOK_URL" -H "Content-Type: application/json" -H "x-amzn-event-timestamp: $TIMESTAMP" -H "x-amzn-event-signature: $SIGNATURE" -d "$PAYLOAD"

Troubleshooting

  • No 200 response: Check authentication/headers
  • 200 but no investigation: Check payload format, ensure unique incidentId/timestamp
  • Investigation immediately cancelled: May have hit monthly limit