Terraform AWS Cloudwatch 警报

Question

Terraform AWS Cloudwatch 警报

Nid*_*o94 4 amazon-web-services amazon-cloudwatch terraform

这是一个示例cloudwatch_metric_alarm resource：

    resource "aws_cloudwatch_metric_alarm" "nlb_healthyhosts" {
  alarm_name          = "alarmname"
  comparison_operator = "LessThanThreshold"
  evaluation_periods  = "1"
  metric_name         = "HealthyHostCount"
  namespace           = "AWS/NetworkELB"
  period              = "60"
  statistic           = "Average"
  threshold           = var.logstash_servers_count
  alarm_description   = "Number of healthy nodes in Target Group"
  actions_enabled     = "true"
  alarm_actions       = [aws_sns_topic.sns.arn]
  ok_actions          = [aws_sns_topic.sns.arn]
  dimensions = {
    TargetGroup  = aws_lb_target_group.lb-tg.arn_suffix
    LoadBalancer = aws_lb.lb.arn_suffix
  }
}

Run Code Online (Sandbox Code Playgroud)

我仍然不明白警报操作参数。在 terraform 文档中，我们有：

Alarm_actions -（可选）当该警报从任何其他状态转换为 ALARM 状态时要执行的操作列表。每个操作都指定为 Amazon 资源名称 (ARN)。

有人可以给我一个具体的例子吗，例如发送电子邮件/和/创建 SNS 主题（没有现有主题 ARN ）。

我预先非常感谢您的帮助。

Answer 1

Jai*_*e S 5

如果您正在寻找示例，它将如下所示。

首先，您需要创建警报，并在警报操作字段中引用您的 sns 主题 arn：

resource "aws_cloudwatch_metric_alarm" "nlb_healthyhosts" {
  alarm_name          = "alarmname"
  comparison_operator = "LessThanThreshold"
  evaluation_periods  = "1"
  metric_name         = "HealthyHostCount"
  namespace           = "AWS/NetworkELB"
  period              = "60"
  statistic           = "Average"
  threshold           = var.logstash_servers_count
  alarm_description   = "Number of healthy nodes in Target Group"
  actions_enabled     = "true"
  alarm_actions       = [aws_sns_topic.alarm.arn]
  dimensions = {
    TargetGroup  = aws_lb_target_group.lb-tg.arn_suffix
    LoadBalancer = aws_lb.lb.arn_suffix
  }
}

Run Code Online (Sandbox Code Playgroud)

然后创建 SNS 主题并将您的电子邮件订阅到该主题：

# SNS topic to send emails with the Alerts
resource "aws_sns_topic" "alarm" {
  name              = "my-alarm-topic"
  kms_master_key_id = aws_kms_key.sns_encryption_key.id
  delivery_policy   = <<EOF
{
  "http": {
    "defaultHealthyRetryPolicy": {
      "minDelayTarget": 20,
      "maxDelayTarget": 20,
      "numRetries": 3,
      "numMaxDelayRetries": 0,
      "numNoDelayRetries": 0,
      "numMinDelayRetries": 0,
      "backoffFunction": "linear"
    },
    "disableSubscriptionOverrides": false,
    "defaultThrottlePolicy": {
      "maxReceivesPerSecond": 1
    }
  }
}
EOF
  ## This local exec, suscribes your email to the topic 
  provisioner "local-exec" {
    command = "aws sns subscribe --topic-arn ${self.arn} --protocol email --notification-endpoint ${var.your_email} --region ${var.main_region}"
  }
}


## KMS Key to encrypt the SNS topic (security best practises)
resource "aws_kms_key" "sns_encryption_key" {
  description             = "alarms sns topic encryption key"
  deletion_window_in_days = 30
  enable_key_rotation     = true
}

Run Code Online (Sandbox Code Playgroud)

归档时间：	4 年，7 月前
查看次数：	8044 次
最近记录：	4 年，7 月前