如何使用 terraform 定义具有多个操作的 aws_cloudwatch_metric_alarm?
[英]How to define aws_cloudwatch_metric_alarm with multiple actions with terraform?
问题描述
I used the AWS Console to set up a Cloud Watch alarm that will send my team a slack notification and reboot the affected EC2 instance, when the EC2 instance fails a StatusCheck fails.
我使用 AWS 控制台设置了一个 Cloud Watch 警报,当 EC2 实例失败且 StatusCheck 失败时,该警报将向我的团队发送松弛通知并重新启动受影响的 EC2 实例。
Here's what the actions look like in the AWS console: AWS 控制台中的操作如下所示:
Now I want to write a terraform module that will set this up for me.现在我想编写一个 terraform 模块来为我设置它。 Here is what I have so far:这是我到目前为止所拥有的:
cloudwatch_metric_alarm/main.tf cloudwatch_metric_alarm/main.tf
locals {
name = format("%s_ec2-instance-down-alarm", var.name_prefix)
}
resource "aws_cloudwatch_metric_alarm" "ec2-instance-alarm" {
name = local.name
description = var.alarm_description
schedule_expression = var.schedule_expression
tags = merge(map("Name", local.name), var.extra_tags)
alarm_name = local.name
comparison_operator = var.comparison_operator
evaluation_periods = var.evaluation_periods
namespace = var.namespace
metric_name = var.metric_name
period = var.period
statistic = var.statistic
threshold = var.threshold
dimensions = {
InstanceId = var.instance_id
}
alarm_actions = [var.alarm_actions]
}
cloudwatch_metric_alarm/variables.tf cloudwatch_metric_alarm/variables.tf
variable "extra_tags" {
type = map
default = {}
}
variable "name_prefix" {
type = string
}
variable "comparison_operator" {
type = string
default = "GreaterThanOrEqualToThreshold"
}
variable "evaluation_periods" {
type = number
default = 1
}
variable "namespace" {
type = string
default = "AWS/EC2"
}
variable "metric_name" {
type = string
default = "StatusCheckFailed"
}
variable "period" {
type = string
default = "60"
}
variable "statistic" {
type = string
default = "Average"
}
variable "threshold" {
type = string
default = "1"
}
variable "instance_id" {
type = string
}
variable "alarm_actions" {
type = list(string)
}
variable "alarm_description" {
type = string
default = "This alarm will send a slack notification if the bastion host because unresponsive."
}
My question what do I pass in for alarm_actions in my parent module.我的问题是在我的父模块中为alarm_actions传递什么。 Here's the pertinent of the parent main.tf :这是父main.tf的相关内容:
... other stuff ...
module "my-cloudwatch-metric-alarm" {
source = "./cloudwatch_metric_alarm"
alarm_actions = [???]
}
... other stuff ...
I have no idea what I am suppose to pass in as the alarm_actions .我不知道我应该作为alarm_actions传递什么。 What am I suppose to pass in?我应该传入什么?
Thanks!谢谢!
UPDATE and NOTE to Self.更新和自我说明。
I was getting the error message我收到错误消息
Error: Creating metric alarm failed: ValidationError: Invalid use of EC2 action. An EC2 action can only be used if the alarm is monitoring an EC2 instance.
The cause of this error was this line were I misspelled InstanceId :这个错误的原因是这一行是我拼错了InstanceId :
InstatnceId = var.instance_id
1 个解决方案
解决方案1
2 已采纳 2021-05-05 20:44:47
First, your var.alarm_actions is already a list, so adding brackets around it like [var.alarm_actions] is going to create a list of lists, which is going to cause errors.首先,你的var.alarm_actions已经是一个列表,所以像[var.alarm_actions]这样在它周围添加括号会创建一个列表列表,这会导致错误。 You just need to pass it directly to the resource like:您只需要将其直接传递给资源,例如:
alarm_actions = var.alarm_actions
For the first value you need to pass in that list, you need the ARN of the SNS topic you want to send the notifications to.对于您需要在该列表中传递的第一个值,您需要要将通知发送到的 SNS 主题的 ARN。 You would find that in the AWS SNS console.您会在 AWS SNS 控制台中找到它。 If Terraform is managing the SNS topic for you, then you should have access to the topic ARN in Terraform already.如果 Terraform 正在为您管理 SNS 主题,那么您应该已经可以访问 Terraform 中的主题 ARN。 Alternatively you could look it up via a datasource by topic name.或者,您可以通过主题名称通过数据源查找它。
For the second value, it is a special ARN that indicates to CloudWatch to reboot the instance being monitored.对于第二个值,它是一个特殊的 ARN,指示 CloudWatch 重新启动受监控的实例。 It looks like this: arn:aws:automate:<region>:ec2:reboot .它看起来像这样: arn:aws:automate:<region>:ec2:reboot 。 For example if your infrastructure is in us-east-1 then the ARN would be arn:aws:automate:us-east-1:ec2:reboot .例如,如果您的基础架构位于 us-east-1 中,则 ARN 将为arn:aws:automate:us-east-1:ec2:reboot 。 You could construct that dynamically in your Terraform code based on the region Terraform is deploying to by using the aws_region datasource in the Terraform AWS provider.您可以使用 Terraform AWS 提供商中的aws_region 数据源,根据 Terraform 部署到的区域,在 Terraform 代码中动态构建它。
Your final code may look something like this:您的最终代码可能如下所示:
data "aws_sns_topic" "alerts" {
name = "Your Topic Name"
}
data "aws_region" "current" {}
module "my-cloudwatch-metric-alarm" {
source = "./cloudwatch_metric_alarm"
alarm_actions = [
data.aws_sns_topic.alerts.arn,
"arn:aws:automate:${data.aws_region.current.name}:ec2:reboot"
]
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.