From 9ed446d3efcdd6d624b35828a326fb0b946cbea4 Mon Sep 17 00:00:00 2001 From: abhinavkumarsph Date: Mon, 30 Sep 2024 14:03:13 +0800 Subject: [PATCH] feat: alarm ok and insufficient_data state actions --- README.md | 8 +++--- alarms.tf | 72 +++++++++++++++++++++++++++++++++++++++------------- variables.tf | 20 ++++++++++++--- 3 files changed, 75 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 9f94261..55a6986 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [access\_policies](#input\_access\_policies) | IAM policy document specifying the access policies for the domain | `string` | `""` | no | -| [admin\_identifiers](#input\_admin\_identifiers) | Admin Identifiers to be allowed in the Access Policy of Opensearch Cluster | `list(string)` |
[
"*"
]
| no | +| [admin\_identifiers](#input\_admin\_identifiers) | Admin Identifiers to be allowed in the Access Policy of Opensearch Cluster | `list(string)` |
[
"*"
]
| no | | [advanced\_options](#input\_advanced\_options) | Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing Terraform to want to recreate your OpenSearch domain on every apply. | `map(string)` | `{}` | no | | [advanced\_security\_options\_enabled](#input\_advanced\_security\_options\_enabled) | Whether advanced security is enabled | `bool` | `false` | no | | [alarm\_actions](#input\_alarm\_actions) | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN) | `list(string)` | `[]` | no | @@ -75,8 +75,9 @@ | [engine\_version](#input\_engine\_version) | Specify the engine version for the Amazon OpenSearch Service domain | `string` | `"OpenSearch_1.3"` | no | | [instance\_count](#input\_instance\_count) | The number of dedicated hot nodes in the cluster. | `number` | `3` | no | | [instance\_type](#input\_instance\_type) | The type of EC2 instances to run for each hot node. A list of available instance types can you find at https://aws.amazon.com/en/opensearch-service/pricing/#On-Demand_instance_pricing | `string` | `"t3.small.search"` | no | +| [insufficient\_data\_actions](#input\_insufficient\_data\_actions) | The list of actions to execute when this alarm transitions into an INSUFFICIENT\_DATA state from any other state | `list(string)` | `[]` | no | | [internal\_user\_database\_enabled](#input\_internal\_user\_database\_enabled) | Whether the internal user database is enabled | `bool` | `false` | no | -| [log\_publishing\_options](#input\_log\_publishing\_options) | Configuration block for publishing slow and application logs to CloudWatch Logs. |
map(object({
enabled = optional(bool, true)
cloudwatch_log_group_arn = optional(string, "")
}))
|
{
"audit_logs": {
"enabled": false
},
"index_slow_logs": {
"enabled": true
}
}
| no | +| [log\_publishing\_options](#input\_log\_publishing\_options) | Configuration block for publishing slow and application logs to CloudWatch Logs. |
map(object({
enabled = optional(bool, true)
cloudwatch_log_group_arn = optional(string, "")
}))
|
{
"audit_logs": {
"enabled": false
},
"index_slow_logs": {
"enabled": true
}
}
| no | | [maintenance\_schedule](#input\_maintenance\_schedule) | configuration for auto tune maintenance schedule | `map(any)` | `{}` | no | | [master\_instance\_count](#input\_master\_instance\_count) | The number of dedicated master nodes in the cluster. | `number` | `3` | no | | [master\_instance\_enabled](#input\_master\_instance\_enabled) | Indicates whether dedicated master nodes are enabled for the cluster. | `bool` | `true` | no | @@ -85,7 +86,8 @@ | [master\_user\_name](#input\_master\_user\_name) | Main user's username, which is stored in the Amazon OpenSearch Service domain's internal database | `string` | `""` | no | | [master\_user\_password](#input\_master\_user\_password) | Main user's password, which is stored in the Amazon OpenSearch Service domain's internal database | `string` | `""` | no | | [node\_to\_node\_encryption\_enabled](#input\_node\_to\_node\_encryption\_enabled) | Enable node-to-node encryption. | `bool` | `true` | no | -| [off\_peak\_window\_options](#input\_off\_peak\_window\_options) | Configuration for off peak window | `map(any)` |
{
"hours": 14,
"minutes": 0
}
| no | +| [off\_peak\_window\_options](#input\_off\_peak\_window\_options) | Configuration for off peak window | `map(any)` |
{
"hours": 14,
"minutes": 0
}
| no | +| [ok\_actions](#input\_ok\_actions) | The list of actions to execute when this alarm transitions into an OK state from any other state | `list(string)` | `[]` | no | | [rollback\_on\_disable](#input\_rollback\_on\_disable) | whether to roll back auto tune if auto tune is disabled | `string` | `"NO_ROLLBACK"` | no | | [saml\_enabled](#input\_saml\_enabled) | Whether SAML authentication is enabled | `bool` | `false` | no | | [saml\_entity\_id](#input\_saml\_entity\_id) | The unique Entity ID of the application in SAML Identity Provider. | `string` | `""` | no | diff --git a/alarms.tf b/alarms.tf index 2622477..4819dc0 100644 --- a/alarms.tf +++ b/alarms.tf @@ -20,7 +20,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } cluster_status_yellow = { @@ -40,7 +42,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } cluster_writes_blocked = { @@ -60,7 +64,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } unreachable_nodes = { @@ -80,7 +86,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } # /cluster status @@ -103,7 +111,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } master_high_cpu_utilization = { @@ -124,7 +134,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } warm_high_cpu_utilization = { @@ -146,7 +158,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } # /cpuutilization @@ -169,7 +183,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } data_high_oldjvm_pressure = { @@ -190,7 +206,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } master_high_jvm_pressure = { @@ -211,7 +229,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } master_high_oldjvm_pressure = { @@ -232,7 +252,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } # /jvmpressure @@ -256,7 +278,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } aos_key_inaccessible = { @@ -278,7 +302,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } # 5xx errors @@ -299,7 +325,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } # threadpool @@ -320,7 +348,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } threadpool_high_search_avg = { @@ -340,7 +370,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } threadpool_high_search_max = { @@ -360,7 +392,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } # Migrations @@ -382,7 +416,9 @@ locals { dimensions = { DomainName = aws_opensearch_domain.this.domain_name } - alarm_actions = var.alarm_actions + alarm_actions = var.alarm_actions + ok_actions = var.ok_actions + insufficient_data_actions = var.insufficient_data_actions } } diff --git a/variables.tf b/variables.tf index c528893..f5a0e35 100644 --- a/variables.tf +++ b/variables.tf @@ -413,16 +413,28 @@ variable "cloudwatch_log_group_retention_days" { ############ ## Alerts ## ############ +variable "create_alarms" { + description = "Whether to create default set of alarms" + type = bool + default = true +} + variable "alarm_actions" { description = "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN)" type = list(string) default = [] } -variable "create_alarms" { - description = "Whether to create default set of alarms" - type = bool - default = true +variable "ok_actions" { + description = "The list of actions to execute when this alarm transitions into an OK state from any other state" + type = list(string) + default = [] +} + +variable "insufficient_data_actions" { + description = "The list of actions to execute when this alarm transitions into an INSUFFICIENT_DATA state from any other state" + type = list(string) + default = [] } variable "alarm_overrides" {