From 4888d6b9d3b159e729bca87a84c07364a460f9cf Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Wed, 31 May 2023 11:02:23 -0400
Subject: [PATCH] update to include composite

---
 CHANGELOG.md                             |  1 +
 vpn-transit-gateway/README.md            |  1 +
 vpn-transit-gateway/cloudwatch_alarms.tf | 18 ++++++++++++++++++
 3 files changed, 20 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6c55c54..c55460f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -320,3 +320,4 @@
 * 2.9.1 -- 2023-05-31
   - vpn-transit-gateway
     - add ok_action, update template, add version to description
+    - add composite alarms for whole site and all tunnels
diff --git a/vpn-transit-gateway/README.md b/vpn-transit-gateway/README.md
index a7f2820..771c876 100644
--- a/vpn-transit-gateway/README.md
+++ b/vpn-transit-gateway/README.md
@@ -71,6 +71,7 @@ No modules.
 
 | Name | Type |
 |------|------|
+| [aws_cloudwatch_composite_alarm.tgw_vpn](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_composite_alarm) | resource |
 | [aws_cloudwatch_composite_alarm.tgw_vpn_site](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_composite_alarm) | resource |
 | [aws_cloudwatch_log_group.log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
 | [aws_cloudwatch_metric_alarm.tgw_vpn](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
diff --git a/vpn-transit-gateway/cloudwatch_alarms.tf b/vpn-transit-gateway/cloudwatch_alarms.tf
index 90484db..0b9bd33 100644
--- a/vpn-transit-gateway/cloudwatch_alarms.tf
+++ b/vpn-transit-gateway/cloudwatch_alarms.tf
@@ -102,3 +102,21 @@ resource "aws_cloudwatch_composite_alarm" "tgw_vpn_site" {
   )
 }
 
+resource "aws_cloudwatch_composite_alarm" "tgw_vpn" {
+  alarm_name      = format("%v-all-tunnels.%v.%v", var.tgw_environment, local.account_alias, local.region)
+  actions_enabled = true
+  alarm_actions   = [var.cloudwatch_alarm_topic_arn]
+  ok_actions      = [var.cloudwatch_alarm_topic_arn]
+  alarm_description = templatefile("${path.module}/templates/vpn_tunnel_status_composite.alarm.tpl", {
+    "site"           = each.key,
+    "site_details"   = [for k, v in local.vpn_details : merge(v, { "key" = k })]
+    "module_name"    = local.base_tags["boc:tf_module_name"],
+    "module_version" = local._module_version
+  })
+  alarm_rule = join(" AND ", [for k, v in local.vpn_details : format("ALARM(%v)", aws_cloudwatch_metric_alarm.tgw_vpn[k].arn)])
+
+  tags = merge(
+    local.base_tags,
+    var.tags,
+  )
+}