Severity and state mappings for CloudWatch

Alert priority and resolution state mapping between CloudWatch and Incident Response.

CloudWatch alert priority mapping

CloudWatch's alert priority is based on one field in the payload.

The field of interest is: Message.NewStateValue.

CloudWatch payload field CloudWatch payload value Incident Response alert priority value
Message.NewStateValue ALARM P4-Low
OK Clear/0

If Message.NewStateValue property is not sent in payload, then alert priority value set is P5-INFORMATIONAL

CloudWatch resolution state mapping

The field of interest is: Message.NewStateValue

CloudWatch payload field CloudWatch payload value Incident Response alert resolution state value
Message.NewStateValue OK Closing
New
Note: If you require any other severity and state mappings, use the Generic webhook integration.