Create a Simple Notification Service (SNS) topic and the necessary subscription to send email notifications whenever CloudWatch alarm is triggered.

1. Sign in to the AWS Management Console.

2. Go to SNS dashboard.

3. In the navigation panel, select Topics and click the Create new topic button.

4. In the Create new topic dialog box, enter a name and a display name for your topic then click Create Topic.

5. Open the newly created SNS topic configuration page by clicking on its Amazon Resource Name (ARN):

6. Under Subscription section click Create Subscription.

7. Select Email as subscription protocol from the Protocol drop-down list.

8. In the Endpoint box, enter the email address where you want to receive the CloudWatch alarm notifications then click Create Subscription to create the required subscription.

9. Go to the inbox to open the message received from AWS Notifications then click on the appropriate link to confirm your subscription.

To Create the ALARM

1. Sign in to the AWS Management Console.

2. Navigate to Cloudwatch dashboard.

3. In the left navigation panel, select Logs.

4. Select the log group created for your CloudTrail trail event logs and click.Create Metric Filterbutton.

5. On theDefine Logs Metric Filterpage, paste the following pattern inside theFilter Patternbox{($.eventName=RunInstances) || ($.eventName=RebootInstances) || ($.eventName=StartInstances) || ($.eventName=StopInstances) || ($.eventName=TerminateInstances)}. This pattern will be used for scanning the AWS CloudTrail logs for event names like“RunInstances”, “RebootInstances” or “TerminateInstances”.

6. Review the metric filter config details then click Assign Metric.

7. On the Create Metric Filter and Assign a Metric page, perform the following:

1. 1. In the&nbsp