Merge pull request #3 from prajwalakhuj/main
added cw alerts with sns, lambda and slack integration
Showing
11 changed files
with
508 additions
and
34 deletions.
@@ -1,30 +1,36 @@ | ||
locals { | ||
name = "skaf" | ||
region = "us-east-1" | ||
region = "us-east-2" | ||
environment = "production" | ||
engine_version = "3.10.20" | ||
host_instance_type = "mq.m5.large" | ||
vpc_id = "vpc-069a755f3a7" | ||
subnet_ids = ["subnet-0bb23128ab"] | ||
kms_key_arn = "arn:aws:kms:us-east-1:2222222222:key/bcfdc1c5-241e467d90" | ||
allowed_security_groups = ["sg-0e8d8b08e40"] | ||
vpc_id = "vpc-074713b4396150ec8" | ||
subnet_ids = ["subnet-0ba8240c1d81a77d3"] | ||
kms_key_arn = "" | ||
allowed_security_groups = ["sg-00489964279928181"] | ||
} | ||
|
||
module "rabbitmq_broker" { | ||
source = "[email protected]:sq-ia/terraform-aws-rabbitmq.git" | ||
name = local.name | ||
username = "admin" | ||
storage_type = "ebs" | ||
engine_version = local.engine_version | ||
host_instance_type = local.host_instance_type | ||
environment = local.environment | ||
vpc_id = local.vpc_id | ||
subnet_ids = local.subnet_ids | ||
deployment_mode = "SINGLE_INSTANCE" | ||
apply_immediately = true | ||
publicly_accessible = false | ||
authentication_strategy = "simple" | ||
allowed_security_groups = local.allowed_security_groups | ||
source = "[email protected]:sq-ia/terraform-aws-rabbitmq.git" | ||
name = local.name | ||
username = "admin" | ||
storage_type = "ebs" | ||
engine_version = local.engine_version | ||
host_instance_type = local.host_instance_type | ||
environment = local.environment | ||
vpc_id = local.vpc_id | ||
subnet_ids = local.subnet_ids | ||
deployment_mode = "SINGLE_INSTANCE" | ||
apply_immediately = true | ||
publicly_accessible = false | ||
authentication_strategy = "simple" | ||
allowed_security_groups = local.allowed_security_groups | ||
cloudwatch_metric_alarms_enabled = true | ||
alarm_cpu_threshold_percent = 70 | ||
alarm_memory_used_threshold = "10000000" # in bytes | ||
slack_username = "" | ||
slack_channel = "" | ||
slack_webhook_url = "https://hooks.slack.com/services/xxxxxxxxx" | ||
maintenance_window_start_time = { | ||
day_of_week = "SUNDAY" | ||
time_of_day = "00:30" | ||
|
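Review bot: `slack_webhook_url` is passed as a string literal in the module call, which invites users of this example to paste a real webhook into version control; a Slack incoming-webhook URL is a bearer credential, so anyone who holds it can post to the channel. I would take it from a variable declared with `sensitive = true` (`slack_webhook_url = var.slack_webhook_url`) and note in the example that the value still lands in Terraform state. The same hunk replaces the customer-managed key with `kms_key_arn = ""` for an environment labelled production, which presumably falls back to an AWS-owned key; if that is intended, a comment saying so would help. The new `vpc_id`, `subnet_ids` and `allowed_security_groups` values look like full-length live resource IDs rather than placeholders. The module block continues past the end of the hunk.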
@@ -0,0 +1,59 @@ | ||
## Lambda for SNS | ||
![squareops_avatar] | ||
|
||
[squareops_avatar]: https://squareops.com/wp-content/uploads/2022/12/squareops-logo.png | ||
|
||
### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey. | ||
<br> | ||
|
||
Here is Lambda that calls the Slack webhook and passes the alarm message as the payload. | ||
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK --> | ||
## Requirements | ||
|
||
No requirements. | ||
|
||
## Providers | ||
|
||
| Name | Version | | ||
|------|---------| | ||
| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a | | ||
|
||
## Modules | ||
|
||
No modules. | ||
|
||
## Resources | ||
|
||
| Name | Type | | ||
|------|------| | ||
| [aws_cloudwatch_log_group.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource | | ||
| [aws_iam_role.lambda_exec_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | | ||
| [aws_iam_role_policy.lambda_cwl_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | | ||
| [aws_lambda_function.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource | | ||
| [aws_iam_policy_document.lambda_cwl_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | ||
| [aws_iam_policy_document.lambda_exec_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | ||
|
||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
|------|-------------|------|---------|:--------:| | ||
| <a name="input_artifact_file"></a> [artifact\_file](#input\_artifact\_file) | The path to the function's deployment package within the local filesystem | `string` | `null` | no | | ||
| <a name="input_cwl_retention_days"></a> [cwl\_retention\_days](#input\_cwl\_retention\_days) | The retention time in days for the CloudWatch Logs Stream. | `number` | `30` | no | | ||
| <a name="input_description"></a> [description](#input\_description) | Description of what the Lambda Function does. | `string` | `null` | no | | ||
| <a name="input_environment"></a> [environment](#input\_environment) | The Lambda environment's configuration settings. | `map(string)` | `{}` | no | | ||
| <a name="input_handler"></a> [handler](#input\_handler) | The function entrypoint in the code. | `string` | `"index.handler"` | no | | ||
| <a name="input_memory_size"></a> [memory\_size](#input\_memory\_size) | Amount of memory in MB your Lambda Function can use at runtime. | `number` | `128` | no | | ||
| <a name="input_name"></a> [name](#input\_name) | A unique name for the Lambda Function. | `string` | n/a | yes | | ||
| <a name="input_runtime"></a> [runtime](#input\_runtime) | The Runtime used in the Lambda Function. | `string` | n/a | yes | | ||
| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the module resources. | `map(string)` | `{}` | no | | ||
| <a name="input_timeout"></a> [timeout](#input\_timeout) | The amount of time your Lambda Function has to run in seconds. | `number` | `6` | no | | ||
|
||
## Outputs | ||
|
||
| Name | Description | | ||
|------|-------------| | ||
| <a name="output_arn"></a> [arn](#output\_arn) | The ARN identifying the Lambda Function. | | ||
| <a name="output_exec_role_id"></a> [exec\_role\_id](#output\_exec\_role\_id) | The ID of the Function's IAM Role. | | ||
| <a name="output_invoke_arn"></a> [invoke\_arn](#output\_invoke\_arn) | The ARN to be used for invoking Lambda Function from API Gateway. | | ||
| <a name="output_name"></a> [name](#output\_name) | The name of the Lambda Function. | | ||
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK --> |
@@ -0,0 +1,32 @@ | ||
# Lambda Assume Role policy | ||
data "aws_iam_policy_document" "lambda_exec_role_policy" { | ||
statement { | ||
sid = "LambdaExecRolePolicy" | ||
effect = "Allow" | ||
principals { | ||
identifiers = [ | ||
"lambda.amazonaws.com", | ||
] | ||
type = "Service" | ||
} | ||
actions = [ | ||
"sts:AssumeRole", | ||
] | ||
} | ||
} | ||
|
||
# Lambda CloudWatch Logs access | ||
data "aws_iam_policy_document" "lambda_cwl_access" { | ||
statement { | ||
sid = "LambdaCreateCloudWatchLogGroup" | ||
effect = "Allow" | ||
actions = [ | ||
"logs:PutLogEvents", | ||
"logs:CreateLogStream", | ||
"logs:CreateLogGroup" | ||
] | ||
resources = [ | ||
"arn:aws:logs:*:*:log-group:/aws/lambda/*:*:*" | ||
] | ||
} | ||
} |
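Review bot: The `resources` pattern `arn:aws:logs:*:*:log-group:/aws/lambda/*:*:*` in `lambda_cwl_access` lets the role write to every `/aws/lambda/*` log group in every region, not just this function's own group. The log group is created by Terraform as `aws_cloudwatch_log_group.lambda` elsewhere in this commit, so the statement can be scoped with `resources = ["${aws_cloudwatch_log_group.lambda.arn}:*"]` and `"logs:CreateLogGroup"` dropped. The trailing `:*:*` also looks like it may not match a bare log-group ARN, so `logs:CreateLogGroup` is probably ineffective as written; worth confirming before relying on it.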
@@ -0,0 +1,10 @@ | ||
resource "aws_iam_role" "lambda_exec_role" { | ||
name = "${replace(title(var.name), "-", "")}LambdaExecRole" | ||
assume_role_policy = data.aws_iam_policy_document.lambda_exec_role_policy.json | ||
} | ||
|
||
resource "aws_iam_role_policy" "lambda_cwl_policy" { | ||
name = "${replace(title(var.name), "-", "")}LambdaCWLogsPolicy" | ||
role = aws_iam_role.lambda_exec_role.id | ||
policy = data.aws_iam_policy_document.lambda_cwl_access.json | ||
} |
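Review bot: The role and policy names are derived only from `var.name`, and IAM role names are unique per account rather than per region, so applying this module with the same name in a second region will fail on `aws_iam_role.lambda_exec_role`. Using `name_prefix` or including the region in the name would avoid the collision. The role also omits `tags = var.tags`, which the log group and the function in this commit both set, so it will be missing from tag-based inventory and access reviews.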
@@ -0,0 +1,26 @@ | ||
resource "aws_cloudwatch_log_group" "lambda" { | ||
name = "/aws/lambda/${var.name}" | ||
retention_in_days = var.cwl_retention_days | ||
tags = var.tags | ||
} | ||
|
||
resource "aws_lambda_function" "this" { | ||
function_name = var.name | ||
description = var.description | ||
filename = var.artifact_file | ||
source_code_hash = var.artifact_file != null ? filebase64sha256(var.artifact_file) : null | ||
role = aws_iam_role.lambda_exec_role.arn | ||
handler = var.handler | ||
runtime = var.runtime | ||
memory_size = var.memory_size | ||
timeout = var.timeout | ||
|
||
dynamic "environment" { | ||
for_each = (length(var.environment) > 0 ? [1] : []) | ||
content { | ||
variables = var.environment | ||
} | ||
} | ||
|
||
tags = var.tags | ||
} |
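Review bot: `variables = var.environment` puts whatever is passed in into the function configuration, where it is visible to any principal with `lambda:GetFunctionConfiguration` and in Terraform state. If the Slack webhook URL reaches the function this way (the call site is not in this hunk), it would be better read at runtime from SSM Parameter Store or Secrets Manager, or at least encrypted with a customer-managed key via `kms_key_arn`. Separately, `aws_lambda_function.this` has no ordering against the log group or the logging policy, so an early invocation can run before the policy is attached; `depends_on = [aws_cloudwatch_log_group.lambda, aws_iam_role_policy.lambda_cwl_policy]` makes the order explicit.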