
Control: 4.2 Create at least one notification topic and subscription to receive monitoring alerts


Notifications provide a multi-channel messaging service that allow users and applications to be notified of events of interest occurring within OCI. Messages can be sent via eMail, HTTPs, PagerDuty, Slack or the OCI Function service. Some channels, such as eMail require confirmation of the subscription before it becomes active.

Creating one or more notification topics allow administrators to be notified of relevant changes made to OCI infrastructure.


From Console

  1. Go to the Notifications Service page.
  2. Select the Compartment that hosts the notifications.
  3. Click Create Topic.
  4. Set the name to something relevant.
  5. Set the description to describe the purpose of the topic.
  6. Click Create.
  7. Click the newly created topic.
  8. Click Create Subscription.
  9. Choose the correct protocol.
  10. Complete the correct parameter, for instance email address.
  11. Click Create.

From CLI

  1. Create a topic in a compartment
oci ons topic create --name <topic name> --description <topic description> -- compartment-id <compartment OCID>
  1. Note the OCID of the topic using the topic-id field of the returned JSON and use it to create new subscriptions
oci ons subscription create --compartment-id <compartment OCID> --topic-id <topic OCID> --protocol <protocol> --subscription-endpoint <subscription endpoint>
  1. The returned JSON includes the id of the subscription.


Run the control in your terminal:

powerpipe control run oci_compliance.control.cis_v200_4_2

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run oci_compliance.control.cis_v200_4_2 --share


This control uses a named query:

t.topic_id as resource,
when s.lifecycle_state = 'ACTIVE' then 'ok'
else 'alarm'
end as status,
when s.lifecycle_state = 'ACTIVE' then t.title || ' with active subscription.'
else t.title || ' with no active subscription.'
end as reason
, t.region as region, t.tenant_name as tenant
, coalesce(c.name, 'root') as compartment
oci_ons_notification_topic as t
inner join oci_ons_subscription as s on (t.topic_id = s.topic_id)
left join oci_identity_compartment as c on c.id = t.compartment_id;
