Notification Routing
Route specific event types to specific notification channels using configurable rules.
Overview
Notification routing extends the basic notification preferences by letting you create granular rules that direct events to the right channel based on conditions. Instead of sending all alerts to one Slack channel, you can route critical drift alerts to PagerDuty, scan completions to a Slack channel, and weekly summaries to email.
Routing vs. Basic Notifications
| Feature | Basic Notifications | Notification Routing |
|---|---|---|
| Channel selection | One channel per type | Multiple channels per rule |
| Conditions | Toggle on/off per event | Filter by severity, provider, resource type, event type |
| Flexibility | All-or-nothing | Fine-grained per-event-type routing |
| Use case | Simple setups | Teams with multiple channels and escalation needs |
Creating a Routing Rule
- Go to Settings > Integrations > Notification Routing
- Click Create Route
- The route editor modal opens with three sections: Conditions, Destination, and Settings
Conditions
Define when this route should fire. A route matches when all conditions are met.
| Condition | Options |
|---|---|
| Event Type | Drift detected, Scan completed, Scan failed, Runner offline, Discovery completed, Discovery failed, Guardrail triggered, PR created, PR merged |
| Severity | Critical, High, Medium, Low, Any |
| Provider | AWS, Azure, GCP, Any |
| Resource Type | Free text — e.g., aws_security_group, azurerm_virtual_machine |
TIP
Leave a condition set to Any to match all values for that field. For example, setting Severity to Any means the route fires regardless of drift severity.
Destinations
Select one or more channels to receive the notification when conditions match:
| Destination | Requirements |
|---|---|
| Slack | Webhook URL or Bot Token configured in Notifications |
| Microsoft Teams | Incoming Webhook configured in Notifications |
| PagerDuty | Events API v2 routing key configured |
| One or more Alert Groups configured | |
| Webhook | Custom webhook endpoint configured |
If using a Slack Bot Token, you can select a specific Slack channel for this route.
Settings
- Name — A descriptive label (e.g., "Critical drift to PagerDuty")
- Enabled — Toggle the route on or off without deleting it
- Description (optional) — Notes about the route's purpose
Managing Routes
Route List
The routing page shows all configured routes in a table:
| Column | Description |
|---|---|
| Name | Route label |
| Conditions | Summary of event type, severity, provider filters |
| Destination | Channel name(s) |
| Status | Enabled or Disabled badge |
| Actions | Edit, Test, Delete |
Editing a Route
Click the pencil icon on any route to re-open the route editor modal. Changes take effect immediately after saving.
Enabling and Disabling
Toggle the Enabled switch on any route to temporarily disable it without losing the configuration. Disabled routes are shown with a muted appearance.
Testing a Route
Click the Test button to send a synthetic test event through the route. This verifies that the destination channel receives the notification correctly.
WARNING
Test events are clearly labeled as "[TEST]" in the destination channel. PagerDuty test events are sent with info severity to avoid triggering real pages.
Deleting a Route
Click the trash icon and confirm to permanently delete a route.
Route Evaluation Order
When an event occurs, Controlinfra evaluates all enabled routes. Every route whose conditions match the event will fire. Routes are independent — there is no "first match wins" behavior.
If no routing rules match an event, it falls back to the basic notification preferences configured in Settings > Integrations > Notifications.
Example Configurations
Route critical drift to PagerDuty
| Field | Value |
|---|---|
| Name | Critical drift escalation |
| Event Type | Drift detected |
| Severity | Critical |
| Provider | Any |
| Destination | PagerDuty |
Route low-severity drift to Slack
| Field | Value |
|---|---|
| Name | Low severity to Slack |
| Event Type | Drift detected |
| Severity | Low |
| Provider | Any |
| Destination | Slack (#infra-low-priority) |
Route GCP scan failures to email
| Field | Value |
|---|---|
| Name | GCP scan failure alert |
| Event Type | Scan failed |
| Severity | Any |
| Provider | GCP |
| Destination | Email (Platform Engineers group) |
Route guardrail alerts to Teams
| Field | Value |
|---|---|
| Name | Guardrail violations |
| Event Type | Guardrail triggered |
| Severity | High, Critical |
| Provider | Any |
| Destination | Microsoft Teams (#security-alerts) |
Next Steps
- Notifications Setup - Configure notification channels
- Notification Routing Guide - Step-by-step setup walkthrough
- Drift Watch - Per-resource watch notifications