initial commit

2026-02-13 15:44:24 +08:00
parent 66be8224f4
commit 09ce4c881a
570 changed files with 61807 additions and 0 deletions
@@ -0,0 +1,5 @@
+# Monitoring module 
+This module deploys the default cloudwatch metric monitoring
+
+## Notes
+Terraform lifecycle ignores tags to speed up terraform subsequent update. Cloudwatch alarm tags cannot be read on aws console anyway.
@@ -0,0 +1,46 @@
+resource "aws_cloudwatch_event_rule" "EventRule" {
+  name          = "${var.cw-alarm-prefix}-health-events"
+  description   = "A CloudWatch Event Rule that triggers on changes in the status of AWS Personal Health Dashboard (AWS Health) and forwards the events to an SNS topic."
+  state         = var.actions-enabled
+  event_pattern = <<PATTERN
+{
+  "detail": {
+    "service": ["DIRECTCONNECT", "VPN", "LAMBDA", "EC2", "RDS"]
+  },
+  "detail-type": [
+    "AWS Health Event"
+  ],
+  "source": [
+    "aws.health"
+  ]
+}
+PATTERN
+  lifecycle {
+    ignore_changes = [tags["LastModified"]]
+  }
+}
+
+resource "aws_cloudwatch_event_target" "TargetForEventRule" {
+  rule = aws_cloudwatch_event_rule.EventRule.name
+  # target_id = "health-event-notification-sns"
+  arn = var.settings.healthEvents.action
+  input_transformer {
+    input_paths = {
+      "account" : "$.account",
+      "endTime" : "$.detail.endTime",
+      "message" : "$.detail.eventDescription[0].latestDescription",
+      "resources" : "$.resources",
+      "service" : "$.detail.service",
+      "startTime" : "$.detail.startTime"
+    }
+    input_template = <<EOF
+"A maintenance has been scheduled for <service> on AWS account <account>."
+
+"Resources: <resources>"
+"Start time: <startTime>"
+"End time: <endTime>"
+
+"Detail: <message>"
+EOF
+  }
+}
@@ -0,0 +1,9 @@
+terraform {
+  required_version = "~> 1.3.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.36.1"
+    }
+  }
+}
@@ -0,0 +1,3 @@
+variable cw-alarm-prefix {}
+variable actions-enabled {}
+variable settings {}