Terraform AWS Cloudwatch 警报

Question

Here is an example of a cloudwatch_metric_alarm resource :以下是cloudwatch_metric_alarm resource的示例：

    resource "aws_cloudwatch_metric_alarm" "nlb_healthyhosts" {
  alarm_name          = "alarmname"
  comparison_operator = "LessThanThreshold"
  evaluation_periods  = "1"
  metric_name         = "HealthyHostCount"
  namespace           = "AWS/NetworkELB"
  period              = "60"
  statistic           = "Average"
  threshold           = var.logstash_servers_count
  alarm_description   = "Number of healthy nodes in Target Group"
  actions_enabled     = "true"
  alarm_actions       = [aws_sns_topic.sns.arn]
  ok_actions          = [aws_sns_topic.sns.arn]
  dimensions = {
    TargetGroup  = aws_lb_target_group.lb-tg.arn_suffix
    LoadBalancer = aws_lb.lb.arn_suffix
  }
}

I still don't understand the Alarm Actions Argument.我仍然不明白警报操作参数。 In the terraform documentation, we have:在 terraform 文档中，我们有：

alarm_actions - (Optional) The list of actions to execute when this alarm transitions into an ALARM state from any other state. alarm_actions - （可选）当此警报从任何其他 state 转换为 ALARM state 时要执行的操作列表。 Each action is specified as an Amazon Resource Name (ARN).每个操作都被指定为一个 Amazon 资源名称 (ARN)。

Could someone give me a concrete example for that, for example sending an Email / and / Creating an SNS Topic ( without an exiting topic ARN ).有人可以给我一个具体的例子，例如发送 Email / 和 / 创建一个 SNS 主题（没有退出主题 ARN）。

I thank you so much in advance for your help.我非常感谢你的帮助。

Answer 1

If you are looking for an example, it would looks like as follow.如果您正在寻找一个示例，它看起来如下所示。

First you need to create your alarm and in the in the alarm actions field reference to your sns topic arn:首先，您需要创建警报并在警报操作字段中引用您的 sns 主题 arn：

resource "aws_cloudwatch_metric_alarm" "nlb_healthyhosts" {
  alarm_name          = "alarmname"
  comparison_operator = "LessThanThreshold"
  evaluation_periods  = "1"
  metric_name         = "HealthyHostCount"
  namespace           = "AWS/NetworkELB"
  period              = "60"
  statistic           = "Average"
  threshold           = var.logstash_servers_count
  alarm_description   = "Number of healthy nodes in Target Group"
  actions_enabled     = "true"
  alarm_actions       = [aws_sns_topic.alarm.arn]
  dimensions = {
    TargetGroup  = aws_lb_target_group.lb-tg.arn_suffix
    LoadBalancer = aws_lb.lb.arn_suffix
  }
}

Then create the SNS topic and subscribe your email to that topic:然后创建 SNS 主题并将您的 email 订阅到该主题：

# SNS topic to send emails with the Alerts
resource "aws_sns_topic" "alarm" {
  name              = "my-alarm-topic"
  kms_master_key_id = aws_kms_key.sns_encryption_key.id
  delivery_policy   = <<EOF
{
  "http": {
    "defaultHealthyRetryPolicy": {
      "minDelayTarget": 20,
      "maxDelayTarget": 20,
      "numRetries": 3,
      "numMaxDelayRetries": 0,
      "numNoDelayRetries": 0,
      "numMinDelayRetries": 0,
      "backoffFunction": "linear"
    },
    "disableSubscriptionOverrides": false,
    "defaultThrottlePolicy": {
      "maxReceivesPerSecond": 1
    }
  }
}
EOF
  ## This local exec, suscribes your email to the topic 
  provisioner "local-exec" {
    command = "aws sns subscribe --topic-arn ${self.arn} --protocol email --notification-endpoint ${var.your_email} --region ${var.main_region}"
  }
}


## KMS Key to encrypt the SNS topic (security best practises)
resource "aws_kms_key" "sns_encryption_key" {
  description             = "alarms sns topic encryption key"
  deletion_window_in_days = 30
  enable_key_rotation     = true
}

Terraform AWS Cloudwatch 警报

问题描述

1 个解决方案

解决方案1
2 已采纳 2021-02-24 16:46:20

Terraform AWS Cloudwatch 警报

问题描述

1 个解决方案

解决方案1 2 已采纳 2021-02-24 16:46:20

解决方案1
2 已采纳 2021-02-24 16:46:20