[英]Terraform AWS Cloudwatch alarm
以下是cloudwatch_metric_alarm resource
的示例:
resource "aws_cloudwatch_metric_alarm" "nlb_healthyhosts" {
alarm_name = "alarmname"
comparison_operator = "LessThanThreshold"
evaluation_periods = "1"
metric_name = "HealthyHostCount"
namespace = "AWS/NetworkELB"
period = "60"
statistic = "Average"
threshold = var.logstash_servers_count
alarm_description = "Number of healthy nodes in Target Group"
actions_enabled = "true"
alarm_actions = [aws_sns_topic.sns.arn]
ok_actions = [aws_sns_topic.sns.arn]
dimensions = {
TargetGroup = aws_lb_target_group.lb-tg.arn_suffix
LoadBalancer = aws_lb.lb.arn_suffix
}
}
我仍然不明白警报操作参数。 在 terraform 文档中,我们有:
alarm_actions - (可选)当此警报从任何其他 state 转换为 ALARM state 时要执行的操作列表。 每个操作都被指定为一个 Amazon 资源名称 (ARN)。
有人可以给我一个具体的例子,例如发送 Email / 和 / 创建一个 SNS 主题(没有退出主题 ARN)。
我非常感谢你的帮助。
如果您正在寻找一个示例,它看起来如下所示。
首先,您需要创建警报并在警报操作字段中引用您的 sns 主题 arn:
resource "aws_cloudwatch_metric_alarm" "nlb_healthyhosts" {
alarm_name = "alarmname"
comparison_operator = "LessThanThreshold"
evaluation_periods = "1"
metric_name = "HealthyHostCount"
namespace = "AWS/NetworkELB"
period = "60"
statistic = "Average"
threshold = var.logstash_servers_count
alarm_description = "Number of healthy nodes in Target Group"
actions_enabled = "true"
alarm_actions = [aws_sns_topic.alarm.arn]
dimensions = {
TargetGroup = aws_lb_target_group.lb-tg.arn_suffix
LoadBalancer = aws_lb.lb.arn_suffix
}
}
然后创建 SNS 主题并将您的 email 订阅到该主题:
# SNS topic to send emails with the Alerts
resource "aws_sns_topic" "alarm" {
name = "my-alarm-topic"
kms_master_key_id = aws_kms_key.sns_encryption_key.id
delivery_policy = <<EOF
{
"http": {
"defaultHealthyRetryPolicy": {
"minDelayTarget": 20,
"maxDelayTarget": 20,
"numRetries": 3,
"numMaxDelayRetries": 0,
"numNoDelayRetries": 0,
"numMinDelayRetries": 0,
"backoffFunction": "linear"
},
"disableSubscriptionOverrides": false,
"defaultThrottlePolicy": {
"maxReceivesPerSecond": 1
}
}
}
EOF
## This local exec, suscribes your email to the topic
provisioner "local-exec" {
command = "aws sns subscribe --topic-arn ${self.arn} --protocol email --notification-endpoint ${var.your_email} --region ${var.main_region}"
}
}
## KMS Key to encrypt the SNS topic (security best practises)
resource "aws_kms_key" "sns_encryption_key" {
description = "alarms sns topic encryption key"
deletion_window_in_days = 30
enable_key_rotation = true
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.