diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index cefeddd..9d83b2b 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml @@ -52,4 +52,3 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required if: always() - diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 10e9868..85a0002 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -31,7 +31,9 @@ jobs: - ${{ needs.versionExtract.outputs.minVersion }} - ${{ needs.versionExtract.outputs.maxVersion }} directory: - - _example/ + - _example/anomaly_example/ + - _example/basic_example/ + - _example/expression_example/ steps: - name: Checkout diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml index 732ac8f..a043a42 100644 --- a/.github/workflows/terratest.yml +++ b/.github/workflows/terratest.yml 
@@ -6,47 +6,27 @@ on: types: [labeled] jobs: - terraform: - name: 'Terraform' + Terratest: + name: 'terratest' runs-on: ubuntu-latest steps: - name: 'Checkout' - uses: actions/checkout@master + uses: actions/checkout@v2.3.4 - - name: Configure AWS Credentials + - name: 'Configure AWS Credentials' uses: clouddrove/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} aws-region: us-east-2 - - name: 'Terratest anomaly_example' - if: ${{ github.event.label.name == 'terratest' }} + - name: 'terratest' uses: 'clouddrove/github-actions@v9.0.2' with: actions_subcommand: 'terratest' - tf_actions_working_dir: '_test/anomaly_example' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Terratest basic_example' - if: ${{ github.event.label.name == 'terratest' }} - uses: 'clouddrove/github-actions@v9.0.2' - with: - actions_subcommand: 'terratest' - tf_actions_working_dir: '_test/basic_example' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Terratest expression_example' - if: ${{ github.event.label.name == 'terratest' }} - uses: 'clouddrove/github-actions@v9.0.2' - with: - actions_subcommand: 'terratest' - tf_actions_working_dir: '_test/expression_example' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + if: ${{ github.event.label.name == 'terratest' }} + tf_actions_working_dir: '_test' - name: 'Slack Notification' uses: clouddrove/action-slack@v2 @@ -57,4 +37,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() \ No newline at end of file + if: always() diff --git a/README.yaml b/README.yaml index 7baf1bb..82b1310 100644 --- a/README.yaml +++ b/README.yaml 
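Review bot: In the consolidated `terratest` step, `if: ${{ github.event.label.name == 'terratest' }}` now sits between `actions_subcommand` and `tf_actions_working_dir`, which suggests it is a key under `with:` rather than a step-level condition (indentation is lost on this page, so confirm against the file). As an action input named `if` it gates nothing, so this step and the preceding 'Configure AWS Credentials' step, which loads `TEST_AWS_ACCESS_KEY`, would run for every `labeled` event instead of only the `terratest` label. Move the condition back to step level as a sibling of `uses:`, and consider putting the same condition on the credentials step. Separately, `actions/checkout@v2.3.4` and the `clouddrove/*` actions are still referenced by mutable tags; pinning actions that handle cloud credentials to a full commit SHA (`uses: actions/checkout@<full-commit-sha>`) removes the tag-retargeting risk.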
@@ -45,25 +45,29 @@ usage: |- module "alarm" { source = "clouddrove/cloudwatch-alarms/aws" version = "1.3.0" - name = "alarm" - environment = "test" - label_order = ["name", "environment"] - alarm_name = "cpu-alarm" - comparison_operator = "LessThanThreshold" - evaluation_periods = 2 - metric_name = "CPUUtilization" - namespace = "AWS/EC2" - period = "60" - statistic = "Average" - threshold = "40" - alarm_description = "This metric monitors ec2 cpu utilization" - alarm_actions = ["arn:aws:sns:eu-west-1:xxxxxxxxxxx:test"] + name = "alarm" + environment = "test" + label_order = ["name", "environment"] + + + alarm_name = "cpu-alarm" + comparison_operator = "GreaterThanOrEqualToThreshold" + evaluation_periods = 2 + metric_name = "CPUUtilization" + namespace = "AWS/EC2" + period = 60 + statistic = "Average" + threshold = 40 + alarm_description = "This metric monitors ec2 cpu utilization" + alarm_actions = [] + actions_enabled = true insufficient_data_actions = [] ok_actions = [] - dimensions = { - instance_id = "i-xxxxxxxxxxxxx" + dimensions = { + instance_id = module.ec2.instance_id[0] } + } ``` @@ -72,20 +76,21 @@ usage: |- module "alarm" { source = "clouddrove/cloudwatch-alarms/aws" version = "1.3.0" - name = "alarm" - environment = "test" - label_order = ["name", "environment"] - alarm_name = "cpu-alarm" - comparison_operator = "GreaterThanUpperThreshold" - evaluation_periods = 2 - threshold_metric_id = "e1" - query_expressions = [{ + name = "alarm" + environment = "test" + label_order = ["name", "environment"] + + alarm_name = "cpu-alarm" + comparison_operator = "GreaterThanUpperThreshold" + evaluation_periods = 2 + threshold_metric_id = "e1" + query_expressions = [{ id = "e1" expression = "ANOMALY_DETECTION_BAND(m1)" label = "CPUUtilization (Expected)" return_data = "true" }] - query_metrics = [{ + query_metrics = [{ id = "m1" return_data = "true" metric_name = "CPUUtilization" 
@@ -93,16 +98,17 @@ usage: |- period = "120" stat = "Average" unit = "Count" - dimensions = { + dimensions = { InstanceId = module.ec2.instance_id[0] } }] - alarm_description = "This metric monitors ec2 cpu utilization" - alarm_actions = [] + alarm_description = "This metric monitors ec2 cpu utilization" + alarm_actions = [] + actions_enabled = true insufficient_data_actions = [] ok_actions = [] - } + } ``` ### Epression Example 
@@ -110,36 +116,50 @@ usage: |- module "alarm" { source = "clouddrove/cloudwatch-alarms/aws" version = "1.3.0" - name = "alarm" - environment = "test" - label_order = ["name", "environment"] - expression_enabled = true - alarm_name = "cpu-alarm" - comparison_operator = "GreaterThanUpperThreshold" - evaluation_periods = 2 - threshold = 40 - query_expressions = [{ + name = "alarm" + environment = "test" + label_order = ["name", "environment"] + + expression_enabled = true + alarm_name = "cpu-alarm" + comparison_operator = "GreaterThanOrEqualToThreshold" + evaluation_periods = 2 + threshold = 40 + query_expressions = [{ id = "e1" - expression = "ANOMALY_DETECTION_BAND(m1)" - label = "CPUUtilization (Expected)" + expression = "m2/m1*100" + label = "Error Rate" return_data = "true" }] - query_metrics = [{ - id = "m1" - return_data = "true" - metric_name = "CPUUtilization" - namespace = "AWS/EC2" - period = "120" - stat = "Average" - unit = "Count" - dimensions = { - InstanceId = module.ec2.instance_id[0] - } + query_metrics = [ + { + id = "m1" + metric_name = "RequestCount" + namespace = "AWS/ApplicationELB" + period = "120" + stat = "Sum" + unit = "Count" + return_data = null + dimensions = { + LoadBalancer = "app/web" + } + }, { + id = "m2" + metric_name = "HTTPCode_ELB_5XX_Count" + namespace = "AWS/ApplicationELB" + period = "120" + stat = "Sum" + unit = "Count" + return_data = null + dimensions = { + LoadBalancer = "app/web" + } }] - alarm_description = "This metric monitors ec2 cpu utilization" - alarm_actions = [] + alarm_description = "This metric monitors ec2 cpu utilization" + alarm_actions = [] + actions_enabled = true insufficient_data_actions = [] ok_actions = [] - } + } ``` diff --git a/_example/anomaly_example/example.tf b/_example/anomaly_example/example.tf index b05ddc9..a41e4e3 100644 --- a/_example/anomaly_example/example.tf +++ b/_example/anomaly_example/example.tf 
@@ -1,7 +1,13 @@ +##--------------------------------------------------------------------------------------------------------------------------- +## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. +##-------------------------------------------------------------------------------------------------------------------------- provider "aws" { region = "eu-west-1" } +##--------------------------------------------------------------------------------------------------------------------------- +## A VPC is a virtual network that closely resembles a traditional network that you'd operate in your own data center. +##-------------------------------------------------------------------------------------------------------------------------- module "vpc" { source = "clouddrove/vpc/aws" version = "1.3.1" @@ -13,6 +19,9 @@ module "vpc" { cidr_block = "172.16.0.0/16" } +##----------------------------------------------------- +## A subnet is a range of IP addresses in your VPC. +##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" version = "1.3.0" @@ -30,6 +39,9 @@ module "public_subnets" { igw_id = module.vpc.igw_id } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. +##----------------------------------------------------- module "http-https" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -43,6 +55,9 @@ module "http-https" { allowed_ports = [80, 443] } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. +##----------------------------------------------------- module "ssh" { source = "clouddrove/security-group/aws" version = "1.3.0" 
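Review bot: The banner added above `module "ssh"` (and the one above `module "http-https"`) restates what a security group is but does not document what this example actually opens. The next hunk's context shows `allowed_ports = [22]`, while the allowed source ranges are outside the visible hunks. A reader copying the example would be better served by a comment such as `## SSH (22) ingress for the example instance; restrict the source CIDRs to an admin range before reuse.` The same generic banners are added in `_example/basic_example/example.tf` and `_example/expression_example/example.tf`. The `module "ssh"` body continues past the end of this hunk.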
@@ -56,6 +71,9 @@ module "ssh" { allowed_ports = [22] } +##----------------------------------------------------- +## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. +##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" version = "1.3.0" @@ -83,6 +101,9 @@ module "ec2" { user_data = "./_bin/user_data.sh" } +##----------------------------------------------------------------------------- +## alarm module call. +##----------------------------------------------------------------------------- module "alarm" { source = "../../" diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf index 483e1cf..175be19 100644 --- a/_example/basic_example/example.tf +++ b/_example/basic_example/example.tf @@ -1,7 +1,13 @@ +##--------------------------------------------------------------------------------------------------------------------------- +## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. +##-------------------------------------------------------------------------------------------------------------------------- provider "aws" { region = "eu-west-1" } +##--------------------------------------------------------------------------------------------------------------------------- +## A VPC is a virtual network that closely resembles a traditional network that you'd operate in your own data center. +##-------------------------------------------------------------------------------------------------------------------------- module "vpc" { source = "clouddrove/vpc/aws" version = "1.3.1" @@ -14,6 +20,9 @@ module "vpc" { cidr_block = "172.16.0.0/16" } +##----------------------------------------------------- +## A subnet is a range of IP addresses in your VPC. +##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" version = "1.3.0" 
@@ -31,6 +40,9 @@ module "public_subnets" { igw_id = module.vpc.igw_id } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. +##----------------------------------------------------- module "http-https" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -45,6 +57,9 @@ module "http-https" { allowed_ports = [80, 443] } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. +##----------------------------------------------------- module "ssh" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -59,6 +74,9 @@ module "ssh" { allowed_ports = [22] } +##----------------------------------------------------- +## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. +##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" version = "1.3.0" @@ -85,6 +103,9 @@ module "ec2" { user_data = "./_bin/user_data.sh" } +##----------------------------------------------------------------------------- +## alarm module call. +##----------------------------------------------------------------------------- module "alarm" { source = "../../" diff --git a/_example/basic_example/versions.tf b/_example/basic_example/versions.tf deleted file mode 100644 index cbc6f9c..0000000 --- a/_example/basic_example/versions.tf +++ /dev/null @@ -1,11 +0,0 @@ -# Terraform version -terraform { - required_version = ">= 1.3.6" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 4.48.0" - } - } -} \ No newline at end of file diff --git a/_example/expression_example/example.tf b/_example/expression_example/example.tf index f1b1e4b..9200708 100644 --- a/_example/expression_example/example.tf +++ b/_example/expression_example/example.tf 
@@ -1,7 +1,13 @@ +##--------------------------------------------------------------------------------------------------------------------------- +## Provider block added, Use the Amazon Web Services (AWS) provider to interact with the many resources supported by AWS. +##-------------------------------------------------------------------------------------------------------------------------- provider "aws" { region = "eu-west-1" } +##--------------------------------------------------------------------------------------------------------------------------- +## A VPC is a virtual network that closely resembles a traditional network that you'd operate in your own data center. +##-------------------------------------------------------------------------------------------------------------------------- module "vpc" { source = "clouddrove/vpc/aws" version = "1.3.1" @@ -13,6 +19,9 @@ module "vpc" { cidr_block = "172.16.0.0/16" } +##----------------------------------------------------- +## A subnet is a range of IP addresses in your VPC. +##----------------------------------------------------- module "public_subnets" { source = "clouddrove/subnet/aws" version = "1.3.0" @@ -30,6 +39,9 @@ module "public_subnets" { igw_id = module.vpc.igw_id } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with http-https. +##----------------------------------------------------- module "http-https" { source = "clouddrove/security-group/aws" version = "1.3.0" @@ -44,6 +56,9 @@ module "http-https" { allowed_ports = [80, 443] } +##----------------------------------------------------- +## An AWS security group acts as a virtual firewall for incoming and outgoing traffic with ssh. +##----------------------------------------------------- module "ssh" { source = "clouddrove/security-group/aws" version = "1.3.0" 
@@ -58,6 +73,9 @@ module "ssh" { allowed_ports = [22] } +##----------------------------------------------------- +## Amazon EC2 provides cloud hosted virtual machines, called "instances", to run applications. +##----------------------------------------------------- module "ec2" { source = "clouddrove/ec2/aws" version = "1.3.0" @@ -84,6 +102,9 @@ module "ec2" { user_data = "./_bin/user_data.sh" } +##----------------------------------------------------------------------------- +## alarm module call. +##----------------------------------------------------------------------------- module "alarm" { source = "../../" diff --git a/_example/expression_example/versions.tf b/_example/expression_example/versions.tf deleted file mode 100644 index cbc6f9c..0000000 --- a/_example/expression_example/versions.tf +++ /dev/null @@ -1,11 +0,0 @@ -# Terraform version -terraform { - required_version = ">= 1.3.6" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 4.48.0" - } - } -} \ No newline at end of file diff --git a/main.tf b/main.tf index ecd9422..f13808e 100644 --- a/main.tf +++ b/main.tf @@ -1,11 +1,6 @@ -# Managed By : CloudDrove -# Description : This Script is used to create Cloudwatch Alarms. -# Copyright @ CloudDrove. All Right Reserved. - -#Module : Label -#Description : This terraform module is designed to generate consistent label names and tags -# for resources. You can use terraform-labels to implement a strict naming -# convention. +##----------------------------------------------------------------------------- +## Labels module callled that will be used for naming and tags. +##----------------------------------------------------------------------------- module "labels" { source = "clouddrove/labels/aws" version = "1.3.0" 
@@ -18,8 +13,9 @@ module "labels" { enabled = var.enabled } -#Module : CLOUDWATCH METRIC ALARM -#Description : Terraform module creates Cloudwatch Alarm on AWS for monitoriing AWS services. +##----------------------------------------------------------------------------- +## creates Cloudwatch Alarm on AWS for monitoriing AWS services. +##----------------------------------------------------------------------------- resource "aws_cloudwatch_metric_alarm" "default" { count = var.enabled == true && var.expression_enabled == false && var.threshold_metric_id == "" ? 1 : 0 @@ -41,8 +37,9 @@ resource "aws_cloudwatch_metric_alarm" "default" { dimensions = var.dimensions } -#Module : CLOUDWATCH METRIC ALARM -#Description : Terraform module creates Cloudwatch Alarm on AWS for monitoriing AWS services. +##----------------------------------------------------------------------------- +## creates Cloudwatch Alarm on AWS for monitoriing AWS services. +##----------------------------------------------------------------------------- resource "aws_cloudwatch_metric_alarm" "expression" { count = var.enabled == true && var.expression_enabled == true && var.threshold_metric_id == "" ? 1 : 0 @@ -85,8 +82,9 @@ resource "aws_cloudwatch_metric_alarm" "expression" { } -#Module : CLOUDWATCH METRIC ALARM -#Description : Terraform module creates Cloudwatch Alarm on AWS for monitoriing AWS services. +##----------------------------------------------------------------------------- +## creates Cloudwatch Alarm on AWS for monitoriing AWS services. +##----------------------------------------------------------------------------- resource "aws_cloudwatch_metric_alarm" "anomaly" { count = var.enabled == true && var.expression_enabled == false && var.threshold_metric_id != "" ? 1 : 0 diff --git a/_example/anomaly_example/versions.tf b/versions.tf similarity index 64% rename from _example/anomaly_example/versions.tf rename to versions.tf index cbc6f9c..c3cde87 100644 
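Review bot: The three banners added above `aws_cloudwatch_metric_alarm` `default`, `expression` and `anomaly` are word-for-word identical, although the `count` expressions under them select three different cases (`expression_enabled` false or true, `threshold_metric_id` empty or set). Distinct comments would show which resource a given input combination creates, e.g. `## Static-threshold alarm: created when expression_enabled = false and threshold_metric_id = "".`, with matching lines for the expression and anomaly variants. The new text also has typos to fix while editing: `monitoriing` in these banners and `callled` in the labels banner of the first main.tf hunk. Each resource body continues outside its hunk.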
--- a/_example/anomaly_example/versions.tf +++ b/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 1.3.6" + required_version = ">= 1.4.6" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.48.0" + version = ">= 5.1.0" } } -} \ No newline at end of file +}