Zabbix v4.4 AMI

This page contains all the information necessary for the deployment, configuration and use of the Zabbix AMI v4.4. If there is something specific missing, please let us know so we can add it.


  • AMI based on Ubuntu Bionic Beaver
  • Latest stable version of Zabbix 4.4 server installed
  • Latest stable version of Zabbix 4.4 web interface installed and configured.
  • Program configured and configurable for sending notification via AWS SNS.
  • Optimized with: nginx, PHP 7.2, mariadb server, zabbix 4.4 repository
  • CloudFormation Stack to create all necessary related resources (SNS, IAM, etc)
  • All languages of the web interface are installed and available

Installation and configuration


The installation follows the normal process of creating an instance in EC2. The recommended instance size is c5.large.

The security group usually includes the following permissions:

TypeProtocolRange of portsSource
(*) SSHTCP220.0.0.0/0
(*) HTTPSHTTPS4430.0.0.0/0
(*) Custom TCP rule TCPTCP10050 – 100520.0.0.0/0

The fields marked with (*) are essential, either to access the web interface or for the normal operation of the server.

Once the instance is running, we can access using:

  • SSH: Using the .pem that we have selected when launching the instance.
  • HTTPS: Using the url https: //zabbix.instance.ip/zabbix/, with user Admin and password the ID of the instance that we just created.

Configure SNS alerts sending

This Zabbix installation is now ready to ship using AWS SNS . This configuration allows us to avoid problems related to sending mail in AWS, and have an advanced and secure notification delivery system.

Up to 5 different SNS issues can be configured (to distinguish according to the importance of the shipment), which are “Not classified”, “Information”, “Warning”, “Average”, “High” and “Disaster”.

The recommended steps to configure notifications are:

CloudFormation Stack

As this ami needs to create additional resources in AWS, such as SNS issues, IAM roles and users, a ready cloudformation stack is offered to do the whole process automatically.

You can download this stack here

This stack allows you to:

  • Create up to 6 SNS topics (one for each type of severity)
  • Create an IAM Role to use desired SNS topics (recommended way)
  • Create an IAM user with permissions to use SNS (only if you dont want to use IAM roles)

When you launch the stack it will ask you to complete the following variables:

  • SNS0NotClassified: (True/False) If True, we create NotClassified SNS topic
  • SNS0NotClassifiedName: (String) Name for NotClassified SNS topic
  • SNS1Information: (True/False) If True, we create Information SNS topic
  • SNS1InformationName: (String) Name for Information SNS topic
  • SNS2Warning: (True/False) If True, we create Warning SNS topic
  • SNS2WarningName: (String) Name for Warning SNS topic
  • SNS3Average: (True/False) If True, we create Average SNS topic
  • SNS3AverageName: (String) Name for Average SNS topic
  • SNS4High: (True/False) If True, we create High SNS topic
  • SNS4HighName: (String) Name for High SNS topic
  • SNS5Disaster: (True/False) If True, we create Disaster SNS topic
  • SNS5DisasterName: (String) Name for Disaster SNS topic
  • CreateSNSRole: (True/False) If True, create IAM Role
  • CreateIAMUser: (True/False) If True, create IAM user to send notifications

NOTE: Although the name of each topic refers to an alert type, it is possible to create fewer topics than possible and repeat them in different types of alerts.

After create desired resources, you can get required info on Outputs page, as:

  • FirstSNS: First SNS topic ARN (if you selected create it)
  • SecondSNS: Second SNS topic ARN (if you selected create it)
  • ThirdSNS: Third SNS topic ARN (if you selected create it)
  • FourthSNS: Fourth SNS topic ARN (if you selected create it)
  • FifthSSNS: Fifth SNS topic ARN (if you selected create it)
  • SixthSNS: Sixth SNS topic ARN (if you selected create it)
  • ZabbixSendingUserAccessKeyId: Access Key for IAM user (if option was selected)
  • ZabbixSendingUserSecretAccessKey: Secret Key for IAM user (if option was selected)

So you can complete zabbix_sns.ini with them

Other configure options

SSL configuration valid with Let’s Encrypt

In order to configure a valid certificate we must first change the host name of the EC2 instance to allow us to generate the certificate. AWS does not allow certificates to be generated for the default name of the instance, because names (and IPs are volatile).

Personalization and support

If you need to customize the default options of the AMI, or have any questions or problems, you can write me at the address:

Last modified June 14, 2020