[英]Terraform AWS Cloudwatch alarm
以下是cloudwatch_metric_alarm resource
的示例:
resource "aws_cloudwatch_metric_alarm" "nlb_healthyhosts" {
alarm_name = "alarmname"
comparison_operator = "LessThanThreshold"
evaluation_periods = "1"
metric_name = "HealthyHostCount"
namespace = "AWS/NetworkELB"
period = "60"
statistic = "Average"
threshold = var.logstash_servers_count
alarm_description = "Number of healthy nodes in Target Group"
actions_enabled = "true"
alarm_actions = [aws_sns_topic.sns.arn]
ok_actions = [aws_sns_topic.sns.arn]
dimensions = {
TargetGroup = aws_lb_target_group.lb-tg.arn_suffix
LoadBalancer = aws_lb.lb.arn_suffix
}
}
我仍然不明白警報操作參數。 在 terraform 文檔中,我們有:
alarm_actions - (可選)當此警報從任何其他 state 轉換為 ALARM state 時要執行的操作列表。 每個操作都被指定為一個 Amazon 資源名稱 (ARN)。
有人可以給我一個具體的例子,例如發送 Email / 和 / 創建一個 SNS 主題(沒有退出主題 ARN)。
我非常感謝你的幫助。
如果您正在尋找一個示例,它看起來如下所示。
首先,您需要創建警報並在警報操作字段中引用您的 sns 主題 arn:
resource "aws_cloudwatch_metric_alarm" "nlb_healthyhosts" {
alarm_name = "alarmname"
comparison_operator = "LessThanThreshold"
evaluation_periods = "1"
metric_name = "HealthyHostCount"
namespace = "AWS/NetworkELB"
period = "60"
statistic = "Average"
threshold = var.logstash_servers_count
alarm_description = "Number of healthy nodes in Target Group"
actions_enabled = "true"
alarm_actions = [aws_sns_topic.alarm.arn]
dimensions = {
TargetGroup = aws_lb_target_group.lb-tg.arn_suffix
LoadBalancer = aws_lb.lb.arn_suffix
}
}
然后創建 SNS 主題並將您的 email 訂閱到該主題:
# SNS topic to send emails with the Alerts
resource "aws_sns_topic" "alarm" {
name = "my-alarm-topic"
kms_master_key_id = aws_kms_key.sns_encryption_key.id
delivery_policy = <<EOF
{
"http": {
"defaultHealthyRetryPolicy": {
"minDelayTarget": 20,
"maxDelayTarget": 20,
"numRetries": 3,
"numMaxDelayRetries": 0,
"numNoDelayRetries": 0,
"numMinDelayRetries": 0,
"backoffFunction": "linear"
},
"disableSubscriptionOverrides": false,
"defaultThrottlePolicy": {
"maxReceivesPerSecond": 1
}
}
}
EOF
## This local exec, suscribes your email to the topic
provisioner "local-exec" {
command = "aws sns subscribe --topic-arn ${self.arn} --protocol email --notification-endpoint ${var.your_email} --region ${var.main_region}"
}
}
## KMS Key to encrypt the SNS topic (security best practises)
resource "aws_kms_key" "sns_encryption_key" {
description = "alarms sns topic encryption key"
deletion_window_in_days = 30
enable_key_rotation = true
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.