AWS CloudWatch alerts → WhatsApp

AWS CloudWatch alerts to WhatsApp — without building it yourself

AWS published a tutorial showing how to forward CloudWatch alarms to WhatsApp. It involves a Lambda function, an SNS topic, WhatsApp Business API approval, and several hours of setup. ConvOps does the same thing in 10 minutes — and delivers a diagnosis, not just the raw alarm text.

Try ConvOps free →WhatsApp on-call →

Build it yourself vs. ConvOps

DIY (AWS tutorial approach)

Setup time: several hours. Ongoing maintenance required.

1.Apply for WhatsApp Business API access (approval can take days)
2.Set up a Meta Business Account and get a phone number approved
3.Deploy a Lambda function to handle SNS → WhatsApp formatting
4.Configure SNS topic to invoke the Lambda on alarm state changes
5.Write and maintain the message formatting code
6.Handle WhatsApp API rate limits, retries, and delivery failures
7.Keep the Lambda updated as CloudWatch and WhatsApp API evolve

Result: alarm name + threshold forwarded to WhatsApp. No diagnosis.

ConvOps

Setup time: 10 minutes. No maintenance.

Sign up at convops.io
Paste a read-only IAM role ARN
Add your WhatsApp number
Done — first diagnosis arrives with the next alarm

Result: full diagnosis in WhatsApp — cause, evidence, and numbered fix options.

What arrives in WhatsApp

DIY approach — raw alarm text

ALARM: prod-api-cpu-high

State: ALARM

Reason: Threshold Crossed: 1 datapoint [94.2] was greater than the threshold [80.0]

Now what?

ConvOps — diagnosis included

⚠️ HIGH — prod-api-cpu-high

CPUUtilization: 94% (threshold 80%)

Root cause

Deploy at 14:32 UTC introduced a tight processing loop in the payment worker. No scaling events triggered. No AWS Health issues.

1 — Force new ECS deployment

2 — Roll back to previous revision

3 — Scale out +1 task

What ConvOps investigates before sending

Unlike a simple alarm forwarder, ConvOps runs a full investigation before the message reaches your phone.

CloudWatch Logs

Error and exception lines from the last 45 minutes of the resource's log group.

CloudTrail events

Recent deploys, config changes, and resource modifications in the last 2 hours.

Correlated metrics

Neighbouring metrics on the same resource — CPU + memory + network together, not just the alarming one.

Resource state

ECS task status, RDS connectivity, ALB target health, Lambda concurrency — the actual current state.

AWS Health events

Active service disruptions in your region that could explain the alarm.

Security findings

GuardDuty and Security Hub findings correlated with the alarming resource.

Frequently asked questions

Do I need a WhatsApp Business account to use ConvOps?: No. ConvOps handles the WhatsApp Business API connection on its side. You receive messages on your regular WhatsApp number — no business account setup, no API approval process on your end.
What does a ConvOps WhatsApp message look like compared to the raw alarm?: A raw CloudWatch alarm tells you the metric name and threshold. A ConvOps message tells you what caused it, what evidence was checked (logs, CloudTrail, resource state), and gives you numbered action options to reply with.
Is this just forwarding the alarm to WhatsApp?: No. ConvOps investigates before it sends anything. By the time the message arrives, ConvOps has already checked CloudWatch Logs, CloudTrail events, correlated metrics, and resource state. You're reading a diagnosis, not a forwarded notification.
How is this different from the AWS blog tutorial?: The AWS tutorial (published October 2025) shows you how to build this yourself — deploying a Lambda, configuring SNS, and setting up your own WhatsApp Business API access. That setup takes several hours and requires ongoing maintenance. ConvOps is the ready-made version: paste an IAM role ARN and you're live in 10 minutes. ConvOps also adds AI diagnosis — the AWS tutorial only forwards the raw alarm text.
Can I send the same alert to both WhatsApp and Slack?: Yes. ConvOps supports simultaneous delivery to WhatsApp and Slack. Both channels receive the same diagnosis, and both support numbered reply-based actions.

AWS CloudWatch diagnosis in WhatsApp — in 10 minutes.

No Lambda. No CloudFormation. No API approval. Free to start.

Start free — no card needed →

WhatsApp on-call alerts CloudWatch alarm diagnosis AWS incident response without SRE CloudWatch alert management PagerDuty alternative

AWS CloudWatch alerts to WhatsApp — without building it yourself

Build it yourself vs. ConvOps

DIY (AWS tutorial approach)

Setup time: several hours. Ongoing maintenance required.

1.Apply for WhatsApp Business API access (approval can take days)
2.Set up a Meta Business Account and get a phone number approved
3.Deploy a Lambda function to handle SNS → WhatsApp formatting
4.Configure SNS topic to invoke the Lambda on alarm state changes
5.Write and maintain the message formatting code
6.Handle WhatsApp API rate limits, retries, and delivery failures
7.Keep the Lambda updated as CloudWatch and WhatsApp API evolve

Result: alarm name + threshold forwarded to WhatsApp. No diagnosis.

ConvOps

Setup time: 10 minutes. No maintenance.

Sign up at convops.io
Paste a read-only IAM role ARN
Add your WhatsApp number
Done — first diagnosis arrives with the next alarm

Result: full diagnosis in WhatsApp — cause, evidence, and numbered fix options.

What arrives in WhatsApp

DIY approach — raw alarm text

ALARM: prod-api-cpu-high

State: ALARM

Reason: Threshold Crossed: 1 datapoint [94.2] was greater than the threshold [80.0]

Now what?

ConvOps — diagnosis included

⚠️ HIGH — prod-api-cpu-high

CPUUtilization: 94% (threshold 80%)

Root cause

Deploy at 14:32 UTC introduced a tight processing loop in the payment worker. No scaling events triggered. No AWS Health issues.

1 — Force new ECS deployment

2 — Roll back to previous revision

3 — Scale out +1 task

What ConvOps investigates before sending

Unlike a simple alarm forwarder, ConvOps runs a full investigation before the message reaches your phone.

CloudWatch Logs

Error and exception lines from the last 45 minutes of the resource's log group.

CloudTrail events

Recent deploys, config changes, and resource modifications in the last 2 hours.

Correlated metrics

Neighbouring metrics on the same resource — CPU + memory + network together, not just the alarming one.

Resource state

ECS task status, RDS connectivity, ALB target health, Lambda concurrency — the actual current state.

AWS Health events

Active service disruptions in your region that could explain the alarm.

Security findings

GuardDuty and Security Hub findings correlated with the alarming resource.

Frequently asked questions

Do I need a WhatsApp Business account to use ConvOps?

No. ConvOps handles the WhatsApp Business API connection on its side. You receive messages on your regular WhatsApp number — no business account setup, no API approval process on your end.

What does a ConvOps WhatsApp message look like compared to the raw alarm?

A raw CloudWatch alarm tells you the metric name and threshold. A ConvOps message tells you what caused it, what evidence was checked (logs, CloudTrail, resource state), and gives you numbered action options to reply with.

Is this just forwarding the alarm to WhatsApp?

No. ConvOps investigates before it sends anything. By the time the message arrives, ConvOps has already checked CloudWatch Logs, CloudTrail events, correlated metrics, and resource state. You're reading a diagnosis, not a forwarded notification.

How is this different from the AWS blog tutorial?

The AWS tutorial (published October 2025) shows you how to build this yourself — deploying a Lambda, configuring SNS, and setting up your own WhatsApp Business API access. That setup takes several hours and requires ongoing maintenance. ConvOps is the ready-made version: paste an IAM role ARN and you're live in 10 minutes. ConvOps also adds AI diagnosis — the AWS tutorial only forwards the raw alarm text.

Can I send the same alert to both WhatsApp and Slack?

Yes. ConvOps supports simultaneous delivery to WhatsApp and Slack. Both channels receive the same diagnosis, and both support numbered reply-based actions.