Public Cloud (Infra) Webhooks

Webhooks enable your applications to receive real-time notifications when events occur in your infrastructure and cloud resources. This eliminates the need for polling and ensures your systems stay synchronized with infrastructure changes, deployments, and resource modifications across all integrated platforms.

Unizo normalizes webhook events from AWS, Azure, Google Cloud, Terraform, Kubernetes, and other infrastructure providers into a consistent format. This means you write your webhook handler once and it works with all supported platforms.

Webhook Configuration

To set up webhooks for your integration, visit the Unizo Console Webhooks section for step-by-step configuration guide.

Supported Event Types

These are the event types currently supported by Unizo's Public Cloud (Infra) webhooks. The list keeps growing as we add support for more events across different platforms.

Event Type	Description	Trigger Conditions
resource:created	A new resource has been created	VM, container, database, or other resource creation
resource:updated	Resource configuration has been modified	Configuration changes, scaling, or tag updates
resource:deleted	A resource has been deleted	Resource termination or removal
deployment:started	Deployment process has started	Application or infrastructure deployment initiation
deployment:completed	Deployment successfully completed	Successful deployment completion
deployment:failed	Deployment failed	Deployment errors or rollback
scaling:triggered	Auto-scaling event triggered	Scale up or scale down based on metrics
maintenance:scheduled	Maintenance window scheduled	Planned maintenance or updates
cost:alert	Cost threshold exceeded	Budget alerts or cost anomalies

Webhook Security

All webhooks from Unizo include security headers to verify authenticity:

Headers

Header	Description
x-unizo-event-type	The type of event that triggered the webhook
x-unizo-signature	HMAC SHA-256 signature for request validation
x-unizo-timestamp	Unix timestamp when the event was sent
x-unizo-delivery-id	Unique identifier for this webhook delivery

Signature Verification

Verify the authenticity of incoming webhooks using HMAC SHA-256:

const crypto = require('crypto');

function verifyWebhookSignature(payload, signature, secret) {
  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(payload)
    .digest('hex');
  
  return crypto.timingSafeEqual(
    Buffer.from(signature, 'hex'),
    Buffer.from(expectedSignature, 'hex')
  );
}

Event Details

Resource Events

Event Type	Description	Trigger Conditions
resource:created	A new resource has been created	VM, container, database, or other resource creation
resource:updated	Resource configuration has been modified	Configuration changes, scaling, or tag updates
resource:deleted	A resource has been deleted	Resource termination or removal

Resource Created

resource:created

Triggered when a new infrastructure resource is created

POSThttps://api.yourapp.com/webhooks/unizo/infrastructure

Headers

Name	Type	Required	Description
Content-Type	string	Yes	Always application/json
x-unizo-event-type	string	Yes	Event type: resource:created
x-unizo-webhook-id	string	Yes	Unique webhook configuration ID
x-unizo-delivery-id	string	Yes	Unique delivery ID for idempotency
x-unizo-signature	string	Yes	HMAC SHA-256 signature

Request Body Schema

Property	Type	Required	Description
type	string	Yes	Event type identifier
version	string	Yes	Webhook payload version
resource.id	string	Yes	Unique resource identifier
resource.name	string	Yes	Resource name
resource.type	string	Yes	Resource type (vm, container, database, etc.)
resource.region	string	Yes	Deployment region
resource.provider	string	Yes	Cloud provider
resource.configuration	object	Yes	Resource configuration
resource.tags	object	No	Resource tags
resource.createdDateTime	string	Yes	ISO 8601 timestamp
resource.createdBy	object	No	User or system that created the resource
integration	object	Yes	Integration details

Example Payload

{
  "type": "resource:created",
  "version": "1.0.0",
  "resource": {
    "id": "i-1234567890abcdef0",
    "name": "prod-web-server-01",
    "type": "vm",
    "region": "us-east-1",
    "provider": "aws",
    "configuration": {
      "instanceType": "t3.medium",
      "imageId": "ami-0123456789",
      "vpcId": "vpc-12345",
      "subnetId": "subnet-67890",
      "securityGroups": [
        "sg-web-prod"
      ]
    },
    "tags": {
      "Environment": "production",
      "Application": "web-app",
      "Owner": "platform-team"
    },
    "createdDateTime": "2024-01-15T14:00:00Z",
    "createdBy": {
      "id": "user-123",
      "email": "devops@example.com",
      "type": "user"
    }
  },
  "integration": {
    "type": "INFRASTRUCTURE",
    "id": "int_123456",
    "name": "AWS Production",
    "provider": "aws"
  }
}

Response

200 OK	Webhook processed successfully
400 Bad Request	Invalid webhook payload
401 Unauthorized	Invalid or missing signature

Resource Updated

resource:updated

Triggered when a resource configuration is modified

POSThttps://api.yourapp.com/webhooks/unizo/scm

Headers

Name	Type	Required	Description
Content-Type	string	Yes	Always application/json
x-unizo-event-type	string	Yes	Event type: resource:updated
x-unizo-webhook-id	string	Yes	Unique webhook configuration ID
x-unizo-delivery-id	string	Yes	Unique delivery ID for idempotency
x-unizo-signature	string	Yes	HMAC SHA-256 signature

Request Body Schema

Property	Type	Required	Description
type	string	Yes	Event type identifier
version	string	Yes	Webhook payload version
resource.id	string	Yes	Unique resource identifier
resource.name	string	Yes	Resource name
resource.type	string	Yes	Resource type
resource.changes	object	Yes	Object containing changed fields
resource.updatedDateTime	string	Yes	ISO 8601 timestamp
resource.updatedBy	object	No	User or system that updated the resource
integration	object	Yes	Integration details

Example Payload

{
  "type": "resource:updated",
  "version": "1.0.0",
  "resource": {
    "id": "i-1234567890abcdef0",
    "name": "prod-web-server-01",
    "type": "vm",
    "changes": {
      "instanceType": {
        "from": "t3.medium",
        "to": "t3.large"
      },
      "tags": {
        "added": {
          "ScalingGroup": "web-asg-prod"
        },
        "removed": {},
        "modified": {
          "LastModified": {
            "from": "2024-01-01",
            "to": "2024-01-15"
          }
        }
      }
    },
    "updatedDateTime": "2024-01-15T15:00:00Z",
    "updatedBy": {
      "id": "auto-scaling",
      "type": "system"
    }
  },
  "integration": {
    "type": "INFRASTRUCTURE",
    "id": "int_123456",
    "name": "AWS Production",
    "provider": "aws"
  }
}

Response

200 OK	Webhook processed successfully
400 Bad Request	Invalid webhook payload
401 Unauthorized	Invalid or missing signature

Resource Deleted

resource:deleted

Triggered when a resource is terminated or deleted

POSThttps://api.yourapp.com/webhooks/unizo/scm

Headers

Name	Type	Required	Description
Content-Type	string	Yes	Always application/json
x-unizo-event-type	string	Yes	Event type: resource:deleted
x-unizo-webhook-id	string	Yes	Unique webhook configuration ID
x-unizo-delivery-id	string	Yes	Unique delivery ID for idempotency
x-unizo-signature	string	Yes	HMAC SHA-256 signature

Request Body Schema

Property	Type	Required	Description
type	string	Yes	Event type identifier
version	string	Yes	Webhook payload version
resource.id	string	Yes	Unique resource identifier
resource.name	string	Yes	Resource name
resource.type	string	Yes	Resource type
resource.deletedDateTime	string	Yes	ISO 8601 timestamp
resource.deletedBy	object	No	User or system that deleted the resource
resource.reason	string	No	Reason for deletion
integration	object	Yes	Integration details

Example Payload

{
  "type": "resource:deleted",
  "version": "1.0.0",
  "resource": {
    "id": "i-1234567890abcdef0",
    "name": "prod-web-server-01",
    "type": "vm",
    "deletedDateTime": "2024-01-15T16:00:00Z",
    "deletedBy": {
      "id": "user-456",
      "email": "admin@example.com",
      "type": "user"
    },
    "reason": "Instance replaced by new deployment"
  },
  "integration": {
    "type": "INFRASTRUCTURE",
    "id": "int_123456",
    "name": "AWS Production",
    "provider": "aws"
  }
}

Response

200 OK	Webhook processed successfully
400 Bad Request	Invalid webhook payload
401 Unauthorized	Invalid or missing signature

Deployment Events

Event Type	Description	Trigger Conditions
deployment:started	Deployment process has started	Application or infrastructure deployment initiation
deployment:completed	Deployment successfully completed	Successful deployment completion
deployment:failed	Deployment failed	Deployment errors or rollback

Deployment Started

deployment:started

Triggered when a deployment process begins

POSThttps://api.yourapp.com/webhooks/unizo/scm

Headers

Name	Type	Required	Description
Content-Type	string	Yes	Always application/json
x-unizo-event-type	string	Yes	Event type: deployment:started
x-unizo-webhook-id	string	Yes	Unique webhook configuration ID
x-unizo-delivery-id	string	Yes	Unique delivery ID for idempotency
x-unizo-signature	string	Yes	HMAC SHA-256 signature

Request Body Schema

Property	Type	Required	Description
type	string	Yes	Event type identifier
version	string	Yes	Webhook payload version
deployment.id	string	Yes	Unique deployment identifier
deployment.name	string	Yes	Deployment name
deployment.environment	string	Yes	Target environment
deployment.version	string	Yes	Application or configuration version
deployment.type	string	Yes	Deployment type (rolling, blue-green, canary)
deployment.startedDateTime	string	Yes	ISO 8601 timestamp
deployment.initiatedBy	object	Yes	User or system that initiated deployment
integration	object	Yes	Integration details

Example Payload

{
  "type": "deployment:started",
  "version": "1.0.0",
  "deployment": {
    "id": "deploy-789",
    "name": "web-app-v2.5.0",
    "environment": "production",
    "version": "2.5.0",
    "type": "rolling",
    "startedDateTime": "2024-01-15T14:00:00Z",
    "initiatedBy": {
      "id": "ci-system",
      "name": "Jenkins Pipeline",
      "type": "system"
    }
  },
  "integration": {
    "type": "INFRASTRUCTURE",
    "id": "int_123456",
    "name": "Kubernetes Production",
    "provider": "kubernetes"
  }
}

Response

200 OK	Webhook processed successfully
400 Bad Request	Invalid webhook payload
401 Unauthorized	Invalid or missing signature

Deployment Completed

deployment:completed

Triggered when a deployment successfully completes

POSThttps://api.yourapp.com/webhooks/unizo/scm

Headers

Name	Type	Required	Description
Content-Type	string	Yes	Always application/json
x-unizo-event-type	string	Yes	Event type: deployment:completed
x-unizo-webhook-id	string	Yes	Unique webhook configuration ID
x-unizo-delivery-id	string	Yes	Unique delivery ID for idempotency
x-unizo-signature	string	Yes	HMAC SHA-256 signature

Request Body Schema

Property	Type	Required	Description
type	string	Yes	Event type identifier
version	string	Yes	Webhook payload version
deployment.id	string	Yes	Unique deployment identifier
deployment.name	string	Yes	Deployment name
deployment.environment	string	Yes	Target environment
deployment.version	string	Yes	Application or configuration version
deployment.duration	string	Yes	Deployment duration
deployment.completedDateTime	string	Yes	ISO 8601 timestamp
deployment.summary	object	Yes	Deployment summary statistics
integration	object	Yes	Integration details

Example Payload

{
  "type": "deployment:completed",
  "version": "1.0.0",
  "deployment": {
    "id": "deploy-789",
    "name": "web-app-v2.5.0",
    "environment": "production",
    "version": "2.5.0",
    "duration": "5m32s",
    "completedDateTime": "2024-01-15T14:05:32Z",
    "summary": {
      "nodesUpdated": 6,
      "podsReplaced": 18,
      "healthChecks": "passed",
      "rollbackRequired": false
    }
  },
  "integration": {
    "type": "INFRASTRUCTURE",
    "id": "int_123456",
    "name": "Kubernetes Production",
    "provider": "kubernetes"
  }
}

Response

200 OK	Webhook processed successfully
400 Bad Request	Invalid webhook payload
401 Unauthorized	Invalid or missing signature

Scaling Events

Event Type	Description	Trigger Conditions
scaling:triggered	Auto-scaling event triggered	Scale up or scale down based on metrics

Scaling Triggered

scaling:triggered

Triggered when auto-scaling adjusts resource capacity

POSThttps://api.yourapp.com/webhooks/unizo/scm

Headers

Name	Type	Required	Description
Content-Type	string	Yes	Always application/json
x-unizo-event-type	string	Yes	Event type: scaling:triggered
x-unizo-webhook-id	string	Yes	Unique webhook configuration ID
x-unizo-delivery-id	string	Yes	Unique delivery ID for idempotency
x-unizo-signature	string	Yes	HMAC SHA-256 signature

Request Body Schema

Property	Type	Required	Description
type	string	Yes	Event type identifier
version	string	Yes	Webhook payload version
scaling.resourceId	string	Yes	Resource being scaled
scaling.resourceType	string	Yes	Type of resource
scaling.direction	string	Yes	Scale direction: up or down
scaling.from	number	Yes	Previous capacity
scaling.to	number	Yes	New capacity
scaling.metric	object	Yes	Metric that triggered scaling
scaling.triggeredDateTime	string	Yes	ISO 8601 timestamp
integration	object	Yes	Integration details

Example Payload

{
  "type": "scaling:triggered",
  "version": "1.0.0",
  "scaling": {
    "resourceId": "asg-web-prod",
    "resourceType": "auto-scaling-group",
    "direction": "up",
    "from": 3,
    "to": 5,
    "metric": {
      "name": "cpu_utilization",
      "value": 85,
      "threshold": 80,
      "unit": "percent"
    },
    "triggeredDateTime": "2024-01-15T14:30:00Z"
  },
  "integration": {
    "type": "INFRASTRUCTURE",
    "id": "int_123456",
    "name": "AWS Production",
    "provider": "aws"
  }
}

Response

200 OK	Webhook processed successfully
400 Bad Request	Invalid webhook payload
401 Unauthorized	Invalid or missing signature

Cost Events

Event Type	Description	Trigger Conditions
cost:alert	Cost threshold exceeded	Budget alerts or cost anomalies

Cost Alert

cost:alert

Triggered when cloud costs exceed defined thresholds

POSThttps://api.yourapp.com/webhooks/unizo/scm

Headers

Name	Type	Required	Description
Content-Type	string	Yes	Always application/json
x-unizo-event-type	string	Yes	Event type: cost:alert
x-unizo-webhook-id	string	Yes	Unique webhook configuration ID
x-unizo-delivery-id	string	Yes	Unique delivery ID for idempotency
x-unizo-signature	string	Yes	HMAC SHA-256 signature

Request Body Schema

Property	Type	Required	Description
type	string	Yes	Event type identifier
version	string	Yes	Webhook payload version
cost.alertId	string	Yes	Cost alert identifier
cost.alertName	string	Yes	Alert name
cost.budget	number	Yes	Budget amount
cost.actual	number	Yes	Actual spend
cost.forecast	number	No	Forecasted spend
cost.currency	string	Yes	Currency code
cost.period	string	Yes	Budget period
cost.triggeredDateTime	string	Yes	ISO 8601 timestamp
integration	object	Yes	Integration details

Example Payload

{
  "type": "cost:alert",
  "version": "1.0.0",
  "cost": {
    "alertId": "budget-123",
    "alertName": "Monthly AWS Budget",
    "budget": 10000,
    "actual": 11250,
    "forecast": 13500,
    "currency": "USD",
    "period": "2024-01",
    "triggeredDateTime": "2024-01-15T12:00:00Z",
    "breakdown": {
      "compute": 6500,
      "storage": 2500,
      "network": 1500,
      "other": 750
    }
  },
  "integration": {
    "type": "INFRASTRUCTURE",
    "id": "int_123456",
    "name": "AWS Billing",
    "provider": "aws"
  }
}

Response

200 OK	Webhook processed successfully
400 Bad Request	Invalid webhook payload
401 Unauthorized	Invalid or missing signature

Webhook Delivery & Retries

Unizo implements automatic retry logic for failed webhook deliveries:

1. Initial Delivery: Immediate
2. First Retry: After 1 minute
3. Second Retry: After 5 minutes
4. Third Retry: After 15 minutes
5. Final Retry: After 1 hour

Webhooks are considered failed if:

• Your endpoint returns a non-2xx status code
• Connection timeout (30 seconds)
• SSL/TLS errors

Best Practices

1. Idempotency

Idempotent Webhook Handler

async function handleWebhook(request) {
const deliveryId = request.headers['x-unizo-delivery-id'];

// Check if already processed
if (await isProcessed(deliveryId)) {
  return { status: 200, message: 'Already processed' };
}

// Process webhook
await processWebhook(request.body);

// Mark as processed
await markProcessed(deliveryId);

return { status: 200 };
}

2. Async Processing

Asynchronous Processing

app.post('/webhooks/infrastructure', (req, res) => {
// Validate signature
if (!verifySignature(req)) {
  return res.status(401).send('Invalid signature');
}

// Queue for processing
infraQueue.add(req.body);

// Return immediately
res.status(200).send('OK');
});

3. Resource Tracking

Resource State Tracking

async function processResourceEvent(payload) {
const { resource, type } = payload;

switch (type) {
  case 'resource:created':
    await addToInventory(resource);
    await updateCostTracking(resource);
    break;
  
  case 'resource:updated':
    await updateInventory(resource);
    await checkComplianceRules(resource);
    break;
  
  case 'resource:deleted':
    await removeFromInventory(resource);
    await updateBilling(resource);
    break;
}

// Update CMDB
await updateCMDB(payload);
}

Need Help?

For webhook-related support:

• Contact support at support@unizo.ai