From 9ee6722a0e13822ad57681f4807f4b80c8c6bc03 Mon Sep 17 00:00:00 2001 From: badra001 Date: Wed, 31 May 2023 10:07:57 -0400 Subject: [PATCH] add site composite --- vpn-transit-gateway/README.md | 1 + vpn-transit-gateway/cloudwatch_alarms.tf | 22 +++++++++++++++- ...vpn_tunnel_status_composite_site.alarm.tpl | 25 +++++++++++++++++++ 3 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 vpn-transit-gateway/templates/vpn_tunnel_status_composite_site.alarm.tpl diff --git a/vpn-transit-gateway/README.md b/vpn-transit-gateway/README.md index cfb570c..a7f2820 100644 --- a/vpn-transit-gateway/README.md +++ b/vpn-transit-gateway/README.md @@ -71,6 +71,7 @@ No modules. | Name | Type | |------|------| +| [aws_cloudwatch_composite_alarm.tgw_vpn_site](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_composite_alarm) | resource | | [aws_cloudwatch_log_group.log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource | | [aws_cloudwatch_metric_alarm.tgw_vpn](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource | | [aws_customer_gateway.vpn](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/customer_gateway) | resource | diff --git a/vpn-transit-gateway/cloudwatch_alarms.tf b/vpn-transit-gateway/cloudwatch_alarms.tf index 5de634f..d924470 100644 --- a/vpn-transit-gateway/cloudwatch_alarms.tf +++ b/vpn-transit-gateway/cloudwatch_alarms.tf 
@@ -52,11 +52,11 @@ locals { resource "aws_cloudwatch_metric_alarm" "tgw_vpn" { for_each = var.enable_cloudwatch_alarms && var.cloudwatch_alarm_topic_arn != null ? local.vpn_details : {} + alarm_name = each.value.name actions_enabled = true alarm_actions = [var.cloudwatch_alarm_topic_arn] ok_actions = [var.cloudwatch_alarm_topic_arn] alarm_description = templatefile("${path.module}/templates/vpn_tunnel_status.alarm.tpl", merge(tomap(each.value), { "module_name" = local.base_tags["boc:tf_module_name"], "module_version" = local._module_version })) - alarm_name = each.value.name comparison_operator = "LessThanThreshold" datapoints_to_alarm = 5 dimensions = { @@ -75,3 +75,23 @@ resource "aws_cloudwatch_metric_alarm" "tgw_vpn" { var.tags, ) } + +resource "aws_cloudwatch_composite_alarm" "tgw_vpn_site" { + for_each = var.enable_cloudwatch_alarms && var.cloudwatch_alarm_topic_arn != null ? toset(distinct([for k, v in local.vpn_details : v.site])) : toset([]) + alarm_name = format("%v-%v-site-tunnels.%v.%v", each.key, var.tgw_environment, local.account_alias, local.region) + actions_enabled = true + alarm_actions = [var.cloudwatch_alarm_topic_arn] + ok_actions = [var.cloudwatch_alarm_topic_arn] + alarm_description = templatefile("${path.module}/templates/vpn_tunnel_status_composite_site.alarm.tpl", { + "site" = each.key, + "site_details" = [for k, v in local.vpn_details : merge(v, { "key" = k }) if v.site == each.key] + "module_name" = local.base_tags["boc:tf_module_name"], + "module_version" = local._module_version + }) + alarm_rule = join(" AND ", [for k, v in local.vpn_details : format("ALARM(%v)", aws_cloudwatch_metric_alarm.tgw_vpn[k].arn) if v.site == each.key]) + + tags = merge( + local.base_tags, + var.tags, + ) +} diff --git a/vpn-transit-gateway/templates/vpn_tunnel_status_composite_site.alarm.tpl b/vpn-transit-gateway/templates/vpn_tunnel_status_composite_site.alarm.tpl new file mode 100644 index 0000000..bc61e92 --- /dev/null 
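Review bot: The `alarm_rule` on `aws_cloudwatch_composite_alarm.tgw_vpn_site` joins `ALARM(...)` terms with `AND`, so the site alarm fires only when every tunnel alarm for that site is in ALARM, and a child sitting in INSUFFICIENT_DATA keeps the composite in OK. Whether a dead tunnel can end up in that state depends on `treat_missing_data` on `aws_cloudwatch_metric_alarm.tgw_vpn`, which is outside this hunk; confirm it is `"breaching"`, and record the intent above the rule with a comment such as `# fires only when ALL tunnels for the site are in ALARM`. Separately, the rendered `alarm_description` grows by five lines per tunnel while CloudWatch caps alarm descriptions at 1024 characters, so a site with several tunnels may fail at apply time; trimming the per-tunnel block in the template would avoid that.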
+++ b/vpn-transit-gateway/templates/vpn_tunnel_status_composite_site.alarm.tpl
@@ -0,0 +1,25 @@
+
+# VPN Site Tunnel Status Change
+
+## ${site_details[0].account_alias} ${site_details[0].region}
+
+* account = ${site_details[0].account_alias} ${site_details[0].account_id}
+* region = ${site_details[0].region}
+* label = ${site_details[0].full_label}
+* vpc
+ * id = ${site_details[0].vpc_id}
+ * cidr_block = ${site_details[0].cidr_block}
+ * name = ${site_details[0].vpc_short_name}-${site_details.[0].vpc_name}
+ * environment = ${site_details[0].vpn_environment}
+* tunnels
+ * loopback = ${site_details[0].loopback}
+ * endpoint = ${site_details[0].customer_address}
+%{ for t in site_details }
+ **${t.name}**
+ * vpn_connection = ${t.vpn_connection_id}
+ * tunnel_number = ${t.tunnel_number}
+ * tunnel_address = ${t.tunnel_address}
+ * tunnel_label = ${t.tunnel_label}
+%{ endfor }
+
+_version = ${module_name} ${module_version}_
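Review bot: The `name` line under `vpc` interpolates `${site_details.[0].vpc_name}`, with a stray dot before the index, while every other reference in the template uses `site_details[0]`. That form is most likely rejected when `templatefile` parses the file, which would fail the plan for the new composite alarm; the line should read `* name = ${site_details[0].vpc_short_name}-${site_details[0].vpc_name}`. The rendered description also puts the account id, VPC CIDR, and the customer and tunnel endpoint addresses into every notification sent to the alarm topic, so the topic's subscriber list and encryption settings should match that sensitivity.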