One of the use cases that gets considered frequently by our customers is to send out notifications to DevOps or Administrators or Business Process Experts in the organization based on certain conditions in the context of cloud integration.
These alerts and notifications can be either technical in nature – pertaining to the health of cloud integration or it could also be a business alert sent to the line of business users regarding an end-to-end process that they are responsible for. The possibilities and use cases are immense.
Few of the often asked requirements by our customers in the context of technical alerts and notifications are the following:
- A reminder to the DevOps or Administrator colleagues when certificates are about to expire. Or a scheduled mail to inform colleagues about the health of different security content being used for integrations.
- A high-priority alert escalated to an Administrator if the cloud integration security certificate has expired or is about to expire within a threshold period.
- Consolidation of errors – A scheduled recurrence to collect all failed messages in cloud integration and send alerts to business users to retry or correct. (We have a pre-packaged integration flow addressing this use case in the SAP API Business Hub. Blog: Receive Notifications for Failed SAP Cloud Platform Integration Flows via Any Channel with Alert Notification)
- A notification about an exception during the process flow. In this case – the notification may be to the business user if there is a need to correct the data, or it may be a to correct the integration flow itself.
- Notification regarding the health of JMS queues(critical or exhausted JMS resources).It could be an out-of-memory error or transaction status or provider/consumer connection status related notification to an administrator. (Here is a blog that describes how the Mail adapter can be used as part of cloud integration – Notification for Critical or Exhausted JMS Resources. But, the same can be also used in the context of ANS – with ANS providing a central place to maintain notifications, as well as the choice of communication channel for notifications being abstracted out of the integration flow logic).
You can also consider SAP Cloud Platform Alert Notification Service for business alerts in case of message failures or to share information about the successful processing of critical business messages.
- Consider the case of a new employee getting onboarded. At the end of the onboarding process, you would want to send a notification to the hiring manager, that the process has been completed and that all systems of record have been updated with the new employee information.
- A high-value invoice has been approved, the information needs to be shared with Finance head.
- A lead has completed evaluation and has initiated purchase, inform the sales executive of the customer conversion.
- A critical purchase order has not been sent to the vendor due to message failure, the procurement head needs to be informed immediately.
In this blog, we cover a simple scenario to create custom alerts in the context of integration security content in use by you. With custom alerts, you get the flexibility to create alerts that can be easily pushed to ANS using its REST APIs.
To note: with the premium edition of SAP Cloud Platform Integration Suite, customers now get the capabilities of SAP Cloud Platform Alert Notification Service for their integration use cases. This offering from SAP simplifies the consumption and pricing of services across the platform. (Learn more about the different SAP Cloud Platform Integration Suite editions)
Let us consider the use case of scheduled mail to DevOps regarding the health of security artifacts consumed in your integration flows. This is done with the following simple steps:
- Create a subscription using the Alert Notification Service.
- Create an Integration Flow that posts a custom alert in cloud integration.
I. Create a subscription:
This is a combination of actions and conditions that allow the ANS to be able to receive notifications and react to the event via the communication channel that has been set up.
To complete this step: you need to
1. Create a condition: that allows you to compare the property of the event payload to a specified value.
2. Create an action: by selecting the channel of notification. It can be an email, a custom webhook, a ticketing system, and so on. The ANS has integrations with third-party systems – Slack, Microsoft Teams, Service Now, VictorOps. (configure the channel of use)
3. Create a subscription: add in the necessary conditions to be fulfilled and actions to be triggered.
To learn more, explore the API specification of the producer REST API on SAP API Business Hub that allows you to post custom events.
II. Create an Integration Flow that posts a custom alert
In this integration flow, we add in the checks to the cloud integration security content and to create custom alerts if the certificate is about to expire in a defined threshold.
Specification to cloud integration security content OData API can be found on SAP API Business Hub.
As part of this Integration Flow, we use a timer start event. Using the OData API we will get the list of all Keystore Entries (/KeystoreEntries) in a specified tenant.
As part of the OData receiver adapter to CPI Tenant, we set the:
- Connection address : https://<CPI Tenant URL> /api/v1
- Provide the required authentication to this tenant.
- Select the Query Operation
- Resource Path: KeystoreEntries
- In this example, I set the query option to $select=Alias,ValidNotAfter,Owner,Type
To check each of the Keystore entry retrieved, we use a general splitter with the XPath Expression: /KeystoreEntries/KeystoreEntry
To keep the code clean, we will use a local integration process to check if the expiry of the certificate is imminent and needs the attention of the DevOps colleague. This custom alert is being created by using the producer API – https://<ans-service>/cf/producer/v1/resource-events
In this local integration flow, we have introduced the logic to check if the expiry of the certificates is within a defined threshold period. And in which case, we raise an alert to the colleagues via Slack.
In the local integration process, I have used the content modifier to define a few properties.
Here, the Threshold to be checked has been set to 30 days. I extract the type of Keystore content retrieved, the ownership details as well as the expiry date.
I use a groovy script to calculate the days to expire.
Check if the days to expire is less than the threshold days defined. And if the expiry is within the next 30days, I creat the payload to be sent to the ANS. (an example of this payload can be found on the SAP API Business Hub). We then post this payload to the producer REST API: https://<ans-service>/cf/producer/v1/resource-events.
We next add in a Process Call step to this local integration process. Save and run the process.
With this process now established, we now have a scheduled information notification sent out to the DevOps or Administrators in the organization about the cloud integration security content that is going to expire in the next 30 days. With SAP Cloud Platform Alert Notification Service being used in the context of this integration flow, you have the flexibility to react to the custom event that is getting generated. The communication channel of choice can be used for the notification.