xpk/terraform.aws-baseline-infra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

UPD: various updates on cloudwatch monitoring from upstream

Browse Source
This commit is contained in:
xpk 2024-01-24 11:18:35 +08:00
parent 436b799ff1
commit 1fe92a3f78
Signed by: xpk
GPG Key ID: CD4FF6793F09AB86
4 changed files with 207 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/ManagementGovernance/Cwl-firehose-s3/README.md
View File

@ -43,14 +43,18 @@ No modules.
| cwl-region | AWS region where Cloudwatch LogGroup resides. Needed for setting up cwlog-stream-role | `string` | n/a | yes | | cwl-region | AWS region where Cloudwatch LogGroup resides. Needed for setting up cwlog-stream-role | `string` | n/a | yes |
| dest-bucket-arn | Destination S3 bucket ARN | `string` | n/a | yes | | dest-bucket-arn | Destination S3 bucket ARN | `string` | n/a | yes |
| dest-bucket-kmskey-arn | KMS key ARN for destination bucket | `string` | n/a | yes | | dest-bucket-kmskey-arn | KMS key ARN for destination bucket | `string` | n/a | yes |
| dest-bucket-prefix | S3 object prefix for this stream | `string` | n/a | yes | | dest-bucket-prefix | S3 object prefix for this stream. Please do not start with / end with a /. For example, r53-log/acme.local/ | `string` | n/a | yes |
| enable-firehose-errorlog | Enable firehose errorlog | `bool` | `false` | no |
| firehose-kmskey-arn | KMS Key arn for Firehose | `string` | n/a | yes | | firehose-kmskey-arn | KMS Key arn for Firehose | `string` | n/a | yes |
| source-cwlgroup-name | Name of source CloudwatchLog group | `string` | n/a | yes | | source-cwlgroup-name | Name of source CloudwatchLog group | `string` | n/a | yes |
| stream-name | Name of Kinesis Data Firehose delivery stream | `string` | n/a | yes | | stream-name | Name of Kinesis Data Firehose delivery stream | `string` | n/a | yes |
## Outputs ## Outputs
No outputs. | Name | Description |
|------|-------------|
| cloudwatchstream-iam-role-arn | n/a |
| firehose-iam-role-arn | n/a |
--- ---
## Authorship ## Authorship

7
modules/ManagementGovernance/Cwl-firehose-s3/outputs.tf Normal file
View File

@ -0,0 +1,7 @@
output firehose-iam-role-arn {
value = aws_iam_role.firehose-stream-iam-role.arn
}
output cloudwatchstream-iam-role-arn {
value = aws_iam_role.cwlog-stream-role.arn
}

43
modules/ManagementGovernance/Monitoring.EC2/README.md
View File

@ -29,3 +29,46 @@ module "ec2-monitoring" {
sns-targets = var.sns-targets sns-targets = var.sns-targets
} }
``` ```
## Sample cloudwatch alarm email notification
```
Subject: ALARM: "TestAlarmPleaseIgnore" in Asia Pacific (Hong Kong)
You are receiving this email because your Amazon CloudWatch Alarm "TestAlarmPleaseIgnore" in the
Asia Pacific (Hong Kong) region has entered the ALARM state, because "Threshold Crossed: 1 out of
the last 1 datapoints [864.0 (24/01/24 00:56:00)] was less than or equal to the threshold (900.0)
(minimum 1 datapoint for OK -> ALARM transition)." at "Wednesday 24 January, 2024 01:01:34 UTC".
View this alarm in the AWS Management Console:
https://ap-east-1.console.aws.amazon.com%2Fcloudwatch...
Alarm Details:
- Name: TestAlarmPleaseIgnore
- Description: Cloudwatch alarm for the following resource
- Instance ID: xxx
- Instance Name: yyy
- Instance IP: zz.zz.zz.zz
- State Change: OK -> ALARM
- Reason for State Change: Threshold Crossed: 1 out of the last 1 datapoints [864.0 (24/01/24 00:56:00)] was less than or equal to the threshold (900.0) (minimum 1 datapoint for OK -> ALARM transition).
- Timestamp: Wednesday 24 January, 2024 01:01:34 UTC
- AWS Account: 111122223333
- Alarm Arn: arn:aws:cloudwatch:ap-east-1:111122223333:alarm:TestAlarmPleaseIgnore
Threshold:
- The alarm is in the ALARM state when the metric is LessThanOrEqualToThreshold 900.0 for at least 1 of the last 1 period(s) of 300 seconds.
Monitored Metric:
- MetricNamespace: AWS/EC2
- MetricName: CPUCreditBalance
- Dimensions: [InstanceId = i-050d4adeafaa53cd0]
- Period: 300 seconds
- Statistic: Average
- Unit: not specified
- TreatMissingData: missing
State Change Actions:
- OK:
- ALARM: [arn:aws:sns:ap-east-1:111122223333:CWA-SNS-Email-KenFong]
- INSUFFICIENT_DATA:
```

271
modules/ManagementGovernance/Monitoring.EC2/main.tf
View File

@ -1,12 +1,24 @@
locals {
# alarm-message limited to 1024 characters
alarm-message = <<EOF
Cloudwatch alarm for the following resource
- Instance ID: ${var.ec2-instance-id}
- Instance Name: ${data.aws_instance.ec2-instance.tags["Name"]}
- Instance IP: ${data.aws_instance.ec2-instance.private_ip}
- Instance Type: ${data.aws_instance.ec2-instance.instance_type}
EOF
}
resource "aws_cloudwatch_metric_alarm" "ec2-StatusCheckFailed_System" { resource "aws_cloudwatch_metric_alarm" "ec2-StatusCheckFailed_System" {
alarm_name = "${var.settings.StatusCheckFailed_System.ecccode}-EC2_${var.ec2-instance-id}-StatusCheckFailed_System" alarm_name = "${var.settings.StatusCheckFailed_System.ecccode}-EC2_${var.ec2-instance-id}-StatusCheckFailed_System"
comparison_operator = var.settings.StatusCheckFailed_System.comparison_operator comparison_operator = var.settings.StatusCheckFailed_System.comparison_operator
evaluation_periods = var.settings.StatusCheckFailed_System.evaluation_periods evaluation_periods = var.settings.StatusCheckFailed_System.evaluation_periods
metric_name = "StatusCheckFailed_System" metric_name = "StatusCheckFailed_System"
period = var.settings.StatusCheckFailed_System.period period = var.settings.StatusCheckFailed_System.period
statistic = var.settings.StatusCheckFailed_System.statistic statistic = var.settings.StatusCheckFailed_System.statistic
threshold = var.settings.StatusCheckFailed_System.threshold threshold = var.settings.StatusCheckFailed_System.threshold
alarm_description = "EC2:StatusCheckFailed_System" # alarm_description = "EC2:StatusCheckFailed_System"
alarm_description = local.alarm-message
namespace = "AWS/EC2" namespace = "AWS/EC2"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -18,14 +30,15 @@ resource "aws_cloudwatch_metric_alarm" "ec2-StatusCheckFailed_System" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-StatusCheckFailed_Instance" { resource "aws_cloudwatch_metric_alarm" "ec2-StatusCheckFailed_Instance" {
alarm_name = "${var.settings.StatusCheckFailed_Instance.ecccode}-EC2_${var.ec2-instance-id}-StatusCheckFailed_Instance" alarm_name = "${var.settings.StatusCheckFailed_Instance.ecccode}-EC2_${var.ec2-instance-id}-StatusCheckFailed_Instance"
comparison_operator = var.settings.StatusCheckFailed_Instance.comparison_operator comparison_operator = var.settings.StatusCheckFailed_Instance.comparison_operator
evaluation_periods = var.settings.StatusCheckFailed_Instance.evaluation_periods evaluation_periods = var.settings.StatusCheckFailed_Instance.evaluation_periods
metric_name = "StatusCheckFailed_Instance" metric_name = "StatusCheckFailed_Instance"
period = var.settings.StatusCheckFailed_Instance.period period = var.settings.StatusCheckFailed_Instance.period
statistic = var.settings.StatusCheckFailed_Instance.statistic statistic = var.settings.StatusCheckFailed_Instance.statistic
threshold = var.settings.StatusCheckFailed_Instance.threshold threshold = var.settings.StatusCheckFailed_Instance.threshold
alarm_description = "EC2:StatusCheckFailed_Instance" # alarm_description = "EC2:StatusCheckFailed_Instance"
alarm_description = local.alarm-message
namespace = "AWS/EC2" namespace = "AWS/EC2"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -37,14 +50,15 @@ resource "aws_cloudwatch_metric_alarm" "ec2-StatusCheckFailed_Instance" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-CPUUtilization" { resource "aws_cloudwatch_metric_alarm" "ec2-CPUUtilization" {
alarm_name = "${var.settings.CPUUtilization.ecccode}-EC2_${var.ec2-instance-id}-CPUUtilization" alarm_name = "${var.settings.CPUUtilization.ecccode}-EC2_${var.ec2-instance-id}-CPUUtilization"
comparison_operator = var.settings.CPUUtilization.comparison_operator comparison_operator = var.settings.CPUUtilization.comparison_operator
evaluation_periods = var.settings.CPUUtilization.evaluation_periods evaluation_periods = var.settings.CPUUtilization.evaluation_periods
metric_name = "CPUUtilization" metric_name = "CPUUtilization"
period = var.settings.CPUUtilization.period period = var.settings.CPUUtilization.period
statistic = var.settings.CPUUtilization.statistic statistic = var.settings.CPUUtilization.statistic
threshold = var.settings.CPUUtilization.threshold threshold = var.settings.CPUUtilization.threshold
alarm_description = "EC2:CPUUtilization" # alarm_description = "EC2:CPUUtilization"
alarm_description = local.alarm-message
namespace = "AWS/EC2" namespace = "AWS/EC2"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -61,6 +75,12 @@ data "aws_instance" "ec2-instance" {
instance_id = var.ec2-instance-id instance_id = var.ec2-instance-id
} }
# put instance name or ip in alarm name
locals {
instance-ip = data.aws_instance.ec2-instance.private_ip
instance-name = data.aws_instance.ec2-instance.tags["Name"]
}
module "ec2_os" { module "ec2_os" {
source = "../../util/awscli" source = "../../util/awscli"
access_key = var.target-account-ak access_key = var.target-account-ak
@ -82,15 +102,16 @@ module "detect_cloudwatch_agent" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-mem_used_percent" { resource "aws_cloudwatch_metric_alarm" "ec2-mem_used_percent" {
count = module.ec2_os.awscliout[0] != "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0 count = module.ec2_os.awscliout[0] != "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0
alarm_name = "${var.settings.mem_used_percent.ecccode}-EC2_${var.ec2-instance-id}-mem_used_percent" alarm_name = "${var.settings.mem_used_percent.ecccode}-EC2_${var.ec2-instance-id}-mem_used_percent"
comparison_operator = var.settings.mem_used_percent.comparison_operator comparison_operator = var.settings.mem_used_percent.comparison_operator
evaluation_periods = var.settings.mem_used_percent.evaluation_periods evaluation_periods = var.settings.mem_used_percent.evaluation_periods
metric_name = "mem_used_percent" metric_name = "mem_used_percent"
period = var.settings.mem_used_percent.period period = var.settings.mem_used_percent.period
statistic = var.settings.mem_used_percent.statistic statistic = var.settings.mem_used_percent.statistic
threshold = var.settings.mem_used_percent.threshold threshold = var.settings.mem_used_percent.threshold
alarm_description = "EC2:mem_used_percent" # alarm_description = "EC2:mem_used_percent"
alarm_description = local.alarm-message
namespace = "CWAgent" namespace = "CWAgent"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -124,15 +145,16 @@ module "cw-dimensions" {
*/ */
resource "aws_cloudwatch_metric_alarm" "ec2-swap_used_percent" { resource "aws_cloudwatch_metric_alarm" "ec2-swap_used_percent" {
count = module.ec2_os.awscliout[0] != "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0 count = module.ec2_os.awscliout[0] != "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0
alarm_name = "${var.settings.swap_used_percent.ecccode}-EC2_${var.ec2-instance-id}-swap_used_percent" alarm_name = "${var.settings.swap_used_percent.ecccode}-EC2_${var.ec2-instance-id}-swap_used_percent"
comparison_operator = var.settings.swap_used_percent.comparison_operator comparison_operator = var.settings.swap_used_percent.comparison_operator
evaluation_periods = var.settings.swap_used_percent.evaluation_periods evaluation_periods = var.settings.swap_used_percent.evaluation_periods
metric_name = "swap_used_percent" metric_name = "swap_used_percent"
period = var.settings.swap_used_percent.period period = var.settings.swap_used_percent.period
statistic = var.settings.swap_used_percent.statistic statistic = var.settings.swap_used_percent.statistic
threshold = var.settings.swap_used_percent.threshold threshold = var.settings.swap_used_percent.threshold
alarm_description = "EC2:swap_used_percent" # alarm_description = "EC2:swap_used_percent"
alarm_description = local.alarm-message
namespace = "CWAgent" namespace = "CWAgent"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -146,15 +168,16 @@ resource "aws_cloudwatch_metric_alarm" "ec2-swap_used_percent" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-disk_used_percent_warn" { resource "aws_cloudwatch_metric_alarm" "ec2-disk_used_percent_warn" {
count = module.ec2_os.awscliout[0] != "Windows" && data.external.cw-dimensions.result != null ? 1 : 0 count = module.ec2_os.awscliout[0] != "Windows" && data.external.cw-dimensions.result != null ? 1 : 0
alarm_name = "${var.settings.disk_used_percent_warn.ecccode}-EC2_${var.ec2-instance-id}-disk_used_percent" alarm_name = "${var.settings.disk_used_percent_warn.ecccode}-EC2_${var.ec2-instance-id}-disk_used_percent"
comparison_operator = var.settings.disk_used_percent_warn.comparison_operator comparison_operator = var.settings.disk_used_percent_warn.comparison_operator
evaluation_periods = var.settings.disk_used_percent_warn.evaluation_periods evaluation_periods = var.settings.disk_used_percent_warn.evaluation_periods
metric_name = "disk_used_percent" metric_name = "disk_used_percent"
period = var.settings.disk_used_percent_warn.period period = var.settings.disk_used_percent_warn.period
statistic = var.settings.disk_used_percent_warn.statistic statistic = var.settings.disk_used_percent_warn.statistic
threshold = var.settings.disk_used_percent_warn.threshold threshold = var.settings.disk_used_percent_warn.threshold
alarm_description = "EC2:disk_used_percent" # alarm_description = "EC2:disk_used_percent"
alarm_description = local.alarm-message
namespace = "CWAgent" namespace = "CWAgent"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -164,15 +187,16 @@ resource "aws_cloudwatch_metric_alarm" "ec2-disk_used_percent_warn" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-disk_used_percent_crit" { resource "aws_cloudwatch_metric_alarm" "ec2-disk_used_percent_crit" {
count = module.ec2_os.awscliout[0] != "Windows" && data.external.cw-dimensions.result != null ? 1 : 0 count = module.ec2_os.awscliout[0] != "Windows" && data.external.cw-dimensions.result != null ? 1 : 0
alarm_name = "${var.settings.disk_used_percent_crit.ecccode}-EC2_${var.ec2-instance-id}-disk_used_percent" alarm_name = "${var.settings.disk_used_percent_crit.ecccode}-EC2_${var.ec2-instance-id}-disk_used_percent"
comparison_operator = var.settings.disk_used_percent_crit.comparison_operator comparison_operator = var.settings.disk_used_percent_crit.comparison_operator
evaluation_periods = var.settings.disk_used_percent_crit.evaluation_periods evaluation_periods = var.settings.disk_used_percent_crit.evaluation_periods
metric_name = "disk_used_percent" metric_name = "disk_used_percent"
period = var.settings.disk_used_percent_crit.period period = var.settings.disk_used_percent_crit.period
statistic = var.settings.disk_used_percent_crit.statistic statistic = var.settings.disk_used_percent_crit.statistic
threshold = var.settings.disk_used_percent_crit.threshold threshold = var.settings.disk_used_percent_crit.threshold
alarm_description = "EC2:disk_used_percent" # alarm_description = "EC2:disk_used_percent"
alarm_description = local.alarm-message
namespace = "CWAgent" namespace = "CWAgent"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -182,15 +206,16 @@ resource "aws_cloudwatch_metric_alarm" "ec2-disk_used_percent_crit" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-disk_inodes_free" { resource "aws_cloudwatch_metric_alarm" "ec2-disk_inodes_free" {
count = module.ec2_os.awscliout[0] != "Windows" && data.external.cw-dimensions.result != null ? 1 : 0 count = module.ec2_os.awscliout[0] != "Windows" && data.external.cw-dimensions.result != null ? 1 : 0
alarm_name = "${var.settings.disk_inodes_free.ecccode}-EC2_${var.ec2-instance-id}-disk_inodes_free" alarm_name = "${var.settings.disk_inodes_free.ecccode}-EC2_${var.ec2-instance-id}-disk_inodes_free"
comparison_operator = var.settings.disk_inodes_free.comparison_operator comparison_operator = var.settings.disk_inodes_free.comparison_operator
evaluation_periods = var.settings.disk_inodes_free.evaluation_periods evaluation_periods = var.settings.disk_inodes_free.evaluation_periods
metric_name = "disk_inodes_free" metric_name = "disk_inodes_free"
period = var.settings.disk_inodes_free.period period = var.settings.disk_inodes_free.period
statistic = var.settings.disk_inodes_free.statistic statistic = var.settings.disk_inodes_free.statistic
threshold = var.settings.disk_inodes_free.threshold threshold = var.settings.disk_inodes_free.threshold
alarm_description = "EC2:disk_inodes_free" # alarm_description = "EC2:disk_inodes_free"
alarm_description = local.alarm-message
namespace = "CWAgent" namespace = "CWAgent"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -201,15 +226,16 @@ resource "aws_cloudwatch_metric_alarm" "ec2-disk_inodes_free" {
# process metric not published by default cw agent config # process metric not published by default cw agent config
resource "aws_cloudwatch_metric_alarm" "ec2-processes_total" { resource "aws_cloudwatch_metric_alarm" "ec2-processes_total" {
count = module.ec2_os.awscliout[0] != "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0 count = module.ec2_os.awscliout[0] != "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0
alarm_name = "${var.settings.processes_total.ecccode}-EC2_${var.ec2-instance-id}-processes_total" alarm_name = "${var.settings.processes_total.ecccode}-EC2_${var.ec2-instance-id}-processes_total"
comparison_operator = var.settings.processes_total.comparison_operator comparison_operator = var.settings.processes_total.comparison_operator
evaluation_periods = var.settings.processes_total.evaluation_periods evaluation_periods = var.settings.processes_total.evaluation_periods
metric_name = "processes_total" metric_name = "processes_total"
period = var.settings.processes_total.period period = var.settings.processes_total.period
statistic = var.settings.processes_total.statistic statistic = var.settings.processes_total.statistic
threshold = var.settings.processes_total.threshold threshold = var.settings.processes_total.threshold
alarm_description = "EC2:processes_total" # alarm_description = "EC2:processes_total"
alarm_description = local.alarm-message
namespace = "CWAgent" namespace = "CWAgent"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -223,12 +249,13 @@ resource "aws_cloudwatch_metric_alarm" "ec2-processes_total" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-net_err" { resource "aws_cloudwatch_metric_alarm" "ec2-net_err" {
count = module.ec2_os.awscliout[0] != "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0 count = module.ec2_os.awscliout[0] != "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0
alarm_name = "${var.settings.net_err_in.ecccode}-EC2_${var.ec2-instance-id}-net_err" alarm_name = "${var.settings.net_err_in.ecccode}-EC2_${var.ec2-instance-id}-net_err"
comparison_operator = "GreaterThanThreshold" comparison_operator = "GreaterThanThreshold"
evaluation_periods = var.settings.net_err_in.evaluation_periods evaluation_periods = var.settings.net_err_in.evaluation_periods
threshold = 0 threshold = 0
alarm_description = "EC2:net_err_in or EC2:net_err_out exceeds threshold" # alarm_description = "EC2:net_err_in or EC2:net_err_out exceeds threshold"
alarm_description = local.alarm-message
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = false actions_enabled = false
alarm_actions = [var.settings.net_err_in.action] alarm_actions = [var.settings.net_err_in.action]
@ -276,15 +303,16 @@ resource "aws_cloudwatch_metric_alarm" "ec2-net_err" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-NetworkIn" { resource "aws_cloudwatch_metric_alarm" "ec2-NetworkIn" {
count = try(var.settings.NetworkIn.monitor,false) ? 1 : 0 count = try(var.settings.NetworkIn.monitor, false) ? 1 : 0
alarm_name = "${var.settings.NetworkIn.ecccode}-EC2_${var.ec2-instance-id}-NetworkIn" alarm_name = "${var.settings.NetworkIn.ecccode}-EC2_${var.ec2-instance-id}-NetworkIn"
comparison_operator = var.settings.NetworkIn.comparison_operator comparison_operator = var.settings.NetworkIn.comparison_operator
evaluation_periods = var.settings.NetworkIn.evaluation_periods evaluation_periods = var.settings.NetworkIn.evaluation_periods
metric_name = "NetworkIn" metric_name = "NetworkIn"
period = var.settings.NetworkIn.period period = var.settings.NetworkIn.period
statistic = var.settings.NetworkIn.statistic statistic = var.settings.NetworkIn.statistic
threshold = var.settings.NetworkIn.threshold threshold = var.settings.NetworkIn.threshold
alarm_description = "EC2:NetworkIn" # alarm_description = "EC2:NetworkIn"
alarm_description = local.alarm-message
namespace = "AWS/EC2" namespace = "AWS/EC2"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -296,15 +324,16 @@ resource "aws_cloudwatch_metric_alarm" "ec2-NetworkIn" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-NetworkOut" { resource "aws_cloudwatch_metric_alarm" "ec2-NetworkOut" {
count = try(var.settings.NetworkIn.monitor,false) ? 1 : 0 count = try(var.settings.NetworkIn.monitor, false) ? 1 : 0
alarm_name = "${var.settings.NetworkOut.ecccode}-EC2_${var.ec2-instance-id}-NetworkOut" alarm_name = "${var.settings.NetworkOut.ecccode}-EC2_${var.ec2-instance-id}-NetworkOut"
comparison_operator = var.settings.NetworkOut.comparison_operator comparison_operator = var.settings.NetworkOut.comparison_operator
evaluation_periods = var.settings.NetworkOut.evaluation_periods evaluation_periods = var.settings.NetworkOut.evaluation_periods
metric_name = "NetworkOut" metric_name = "NetworkOut"
period = var.settings.NetworkOut.period period = var.settings.NetworkOut.period
statistic = var.settings.NetworkOut.statistic statistic = var.settings.NetworkOut.statistic
threshold = var.settings.NetworkOut.threshold threshold = var.settings.NetworkOut.threshold
alarm_description = "EC2:NetworkOut" # alarm_description = "EC2:NetworkOut"
alarm_description = local.alarm-message
namespace = "AWS/EC2" namespace = "AWS/EC2"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -317,15 +346,16 @@ resource "aws_cloudwatch_metric_alarm" "ec2-NetworkOut" {
# Windows specific checks # Windows specific checks
resource "aws_cloudwatch_metric_alarm" "ec2-MemoryCommittedPct" { resource "aws_cloudwatch_metric_alarm" "ec2-MemoryCommittedPct" {
count = module.ec2_os.awscliout[0] == "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0 count = module.ec2_os.awscliout[0] == "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0
alarm_name = "${var.settings.MemoryCommittedPct.ecccode}-EC2_${var.ec2-instance-id}-MemoryCommittedPct" alarm_name = "${var.settings.MemoryCommittedPct.ecccode}-EC2_${var.ec2-instance-id}-MemoryCommittedPct"
comparison_operator = var.settings.MemoryCommittedPct.comparison_operator comparison_operator = var.settings.MemoryCommittedPct.comparison_operator
evaluation_periods = var.settings.MemoryCommittedPct.evaluation_periods evaluation_periods = var.settings.MemoryCommittedPct.evaluation_periods
metric_name = "Memory % Committed Bytes In Use" metric_name = "Memory % Committed Bytes In Use"
period = var.settings.MemoryCommittedPct.period period = var.settings.MemoryCommittedPct.period
statistic = var.settings.MemoryCommittedPct.statistic statistic = var.settings.MemoryCommittedPct.statistic
threshold = var.settings.MemoryCommittedPct.threshold threshold = var.settings.MemoryCommittedPct.threshold
alarm_description = "EC2:MemoryCommittedBytes" # alarm_description = "EC2:MemoryCommittedBytes"
alarm_description = local.alarm-message
namespace = "CWAgent" namespace = "CWAgent"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled
@ -340,15 +370,16 @@ resource "aws_cloudwatch_metric_alarm" "ec2-MemoryCommittedPct" {
} }
resource "aws_cloudwatch_metric_alarm" "ec2-LogicalDiskFreePct" { resource "aws_cloudwatch_metric_alarm" "ec2-LogicalDiskFreePct" {
count = module.ec2_os.awscliout[0] == "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0 count = module.ec2_os.awscliout[0] == "Windows" && length(module.detect_cloudwatch_agent.awscliout) > 0 ? 1 : 0
alarm_name = "${var.settings.LogicalDiskFreePct.ecccode}-EC2_${var.ec2-instance-id}-LogicalDiskFreePct" alarm_name = "${var.settings.LogicalDiskFreePct.ecccode}-EC2_${var.ec2-instance-id}-LogicalDiskFreePct"
comparison_operator = var.settings.LogicalDiskFreePct.comparison_operator comparison_operator = var.settings.LogicalDiskFreePct.comparison_operator
evaluation_periods = var.settings.LogicalDiskFreePct.evaluation_periods evaluation_periods = var.settings.LogicalDiskFreePct.evaluation_periods
metric_name = "LogicalDisk % Free Space" metric_name = "LogicalDisk % Free Space"
period = var.settings.LogicalDiskFreePct.period period = var.settings.LogicalDiskFreePct.period
statistic = var.settings.LogicalDiskFreePct.statistic statistic = var.settings.LogicalDiskFreePct.statistic
threshold = var.settings.LogicalDiskFreePct.threshold threshold = var.settings.LogicalDiskFreePct.threshold
alarm_description = "EC2:OsDiskFreePct" # alarm_description = "EC2:OsDiskFreePct"
alarm_description = local.alarm-message
namespace = "CWAgent" namespace = "CWAgent"
insufficient_data_actions = [] insufficient_data_actions = []
actions_enabled = var.actions-enabled actions_enabled = var.actions-enabled