Incident Manager Provider

​

Authentication

• region: AWS region (required: True, sensitive: False)
• response_plan_arn: AWS Response Plan’s arn (required: True, sensitive: False)
• sns_topic_arn: AWS SNS Topic arn you want to be used/using in response plan (required: True, sensitive: False)
• access_key: AWS access key (Leave empty if using IAM role at EC2) (required: False, sensitive: True)
• access_key_secret: AWS access key secret (Leave empty if using IAM role at EC2) (required: False, sensitive: True)

• ssm-incidents:ListIncidentRecords: Required to retrieve incidents. (mandatory) (Documentation)
• ssm-incidents:GetResponsePlan: Required to get response plan and register keep as webhook (Documentation)
• ssm-incidents:UpdateResponsePlan: Required to update response plan and register keep as webhook (Documentation)
• iam:SimulatePrincipalPolicy: Allow Keep to test the scopes of the current user/role without modifying any resource. (Documentation)
• sns:ListSubscriptionsByTopic: Required to list all subscriptions of a topic, so Keep will be able to add itself as a subscription. (Documentation)

​

In workflows

steps:
    - name: Query incidentmanager
      provider: incidentmanager
      config: "{{ provider.my_provider_name }}"
      
        

​

Status Map

• “OPEN” to AlertStatus.FIRING
• “RESOLVED” to AlertStatus.RESOLVED

​

Severities Map

• 1 to AlertSeverity.CRITICAL
• 2 to AlertSeverity.HIGH
• 3 to AlertSeverity.LOW
• 4 to AlertSeverity.WARNING
• 5 to AlertSeverity.INFO

​

Notes

1. Incident Manager only throws notification when there is chatChannel attached to response plan. Make sure to add chatChannel to response plan before adding webhook