initial commit

modules/ManagementGovernance/Monitoring.RDS/README.md

@@ -0,0 +1,31 @@
+# Monitoring module 
+This module deploys the default cloudwatch metric monitoring
+
+## Notes
+Terraform lifecycle ignores tags to speed up terraform subsequent update. Cloudwatch alarm tags cannot be read on aws console anyway.
+AWS provider 4.47.0 or above is needed for datasource aws_db_instances (https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md)
+
+## Example
+```terraform
+module "rds-instances" {
+  source        = "../../modules/util/resource-list"
+  resource-type = "rds"
+}
+
+module "rds-monitoring" {
+  # for_each = toset(var.rds-instance-ids)
+  cw-alarm-prefix            = local.cw-alarm-prefix
+  for_each                   = module.rds-instances.result-set
+  source                     = "../../modules/ManagementGovernance/Monitoring.RDS"
+  default-tags               = local.default-tags
+  rds-instance-name          = each.value
+  threshold-CpuUtilization   = 90
+  threshold-FreeableMemory   = 512 * 1024 * 1024
+  threshold-FreeStorageSpace = 5 * 1024 * 1024 * 1024
+  threshold-DiskQueueDepth   = 30
+  threshold-ReadLatency      = 0.03
+  threshold-WriteLatency     = 0.03
+  actions-enabled            = var.actions-enabled
+  sns-targets = var.sns-targets
+}
+```

modules/ManagementGovernance/Monitoring.RDS/main.tf

@@ -0,0 +1,19 @@
+resource "aws_cloudwatch_metric_alarm" "rds-alarms" {
+  for_each                  = var.settings
+  alarm_name                = "${each.value["ecccode"]}-RDS_${var.rds-instance-name}-${each.value["metric"]}"
+  comparison_operator       = each.value["comparison_operator"]
+  evaluation_periods        = each.value["evaluation_periods"]
+  metric_name               = each.value["metric"]
+  period                    = each.value["period"]
+  statistic                 = each.value["statistic"]
+  threshold                 = each.value["threshold"]
+  alarm_description         = "RDS:${each.value["metric"]}"
+  namespace                 = "AWS/RDS"
+  insufficient_data_actions = []
+  actions_enabled           = var.actions-enabled
+  alarm_actions             = [each.value["action"]]
+  ok_actions                = [each.value["action"]]
+  dimensions = {
+    DBInstanceIdentifier = var.rds-instance-name
+  }
+}

modules/ManagementGovernance/Monitoring.RDS/provider.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = "~> 1.3.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.47.0"
+    }
+  }
+}

modules/ManagementGovernance/Monitoring.RDS/variables.tf

@@ -0,0 +1,4 @@
+variable cw-alarm-prefix {}
+variable actions-enabled {}
+variable rds-instance-name {}
+variable settings {}