tech-advisor / training /data /raw /configuring-capabilities-for-aws-devops-agent-invoking-devops-agent-through-webhook.md
| # Invoking DevOps Agent through Webhook | |
| Webhooks allow external systems to automatically trigger AWS DevOps Agent investigations. | |
| ## Webhook types | |
| + **Integration-specific webhooks** β Auto-generated with third-party integrations | |
| + **Generic webhooks** β Manually created, use HMAC authentication | |
| + **Grafana alert webhooks** β Through Grafana contact points | |
| ## Authentication methods | |
| **HMAC authentication** β Used by Dynatrace and generic webhooks | |
| **Bearer token authentication** β Used by Splunk, Datadog, New Relic, ServiceNow, Slack, Grafana | |
| | Consideration | HMAC | Bearer token | | |
| | --- | --- | --- | | |
| | Setup complexity | More complex | Simpler | | |
| | Payload integrity | Verified | Not verified | | |
| | Replay protection | Built-in | Not built-in | | |
| | Secret exposure risk | Lower | Higher | | |
| ## Webhook request format | |
| ### HMAC (Version 1) | |
| Headers: Content-Type, x-amzn-event-signature, x-amzn-event-timestamp | |
| ### Bearer token (Version 2) | |
| Headers: Content-Type, Authorization: Bearer <token> | |
| ### Payload schema | |
| ```json | |
| { | |
| "eventType": "incident", | |
| "incidentId": "string", | |
| "action": "created | updated | closed | resolved", | |
| "priority": "CRITICAL | HIGH | MEDIUM | LOW | MINIMAL", | |
| "title": "string", | |
| "description": "string", | |
| "timestamp": "string", | |
| "service": "string", | |
| "data": {} | |
| } | |
| ``` | |
| ## Example (cURL, HMAC) | |
| ```bash | |
| TIMESTAMP=$(date -u +%Y-%m-%dT%H:%M:%S.000Z) | |
| PAYLOAD='{"eventType":"incident","incidentId":"test-123","action":"created","priority":"HIGH","title":"Test Alert"}' | |
| SIGNATURE=$(echo -n "${TIMESTAMP}:${PAYLOAD}" | openssl dgst -sha256 -hmac "$SECRET" -binary | base64) | |
| curl -X POST "$WEBHOOK_URL" -H "Content-Type: application/json" -H "x-amzn-event-timestamp: $TIMESTAMP" -H "x-amzn-event-signature: $SIGNATURE" -d "$PAYLOAD" | |
| ``` | |
| ## Troubleshooting | |
| + No 200 response: Check authentication/headers | |
| + 200 but no investigation: Check payload format, ensure unique incidentId/timestamp | |
| + Investigation immediately cancelled: May have hit monthly limit | |