utrescu/terraform-azurerm-alerting

Terraform module for Azure Alerting

Azure Alerting

Azure module to create some Azure Monitor Alerts with an Action Group for notifications destination. This module handles alerts of type:

• Activity Log alerts

Global versioning rule for Claranet Azure modules

Module version	Terraform version	AzureRM version
>= 7.x.x	1.3.x	>= 3.0
>= 6.x.x	1.x	>= 3.0
>= 5.x.x	0.15.x	>= 2.0
>= 4.x.x	0.13.x / 0.14.x	>= 2.0
>= 3.x.x	0.12.x	>= 2.0
>= 2.x.x	0.12.x	< 2.0
< 2.x.x	0.11.x	< 2.0

Contributing

If you want to contribute to this repository, feel free to use our pre-commit git hook configuration which will help you automatically update and format some files for you by enforcing our Terraform code module best-practices.

More details are available in the CONTRIBUTING.md file.

Usage

This module is optimized to work with the Claranet terraform-wrapper tool which set some terraform variables in the environment needed by this module. More details about variables set by the terraform-wrapper available in the documentation.

module "azure_region" {
  source  = "claranet/regions/azurerm"
  version = "x.x.x"

  azure_region = var.azure_region
}

module "rg" {
  source  = "claranet/rg/azurerm"
  version = "x.x.x"

  location    = module.azure_region.location
  client_name = var.client_name
  environment = var.environment
  stack       = var.stack
}

module "alerting" {
  source  = "claranet/alerting/azurerm"
  version = "x.x.x"

  location_short = module.azure_region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name     = module.rg.resource_group_name
  action_group_short_name = "Alerting"

  action_group_webhooks = {
    PagerDuty = "https://events.pagerduty.com/integration/{integration-UID}/enqueue"
    Slack     = "https://hooks.slack.com/services/{azerty}/XXXXXXXXXXXXXXx/{hook-key}"
  }

  activity_log_alerts = {
    "service-health" = {
      description         = "ServiceHealth global Subscription alerts"
      resource_group_name = module.rg.resource_group_name
      scopes              = [format("/subscriptions/%s", var.azure_subscription_id)]
      criteria = {
        category = "ServiceHealth"
      }
    }

    "security-center" = {
      custom_name         = "${var.stack}-global-security-center"
      description         = "Security Center global Subscription alerts"
      resource_group_name = module.rg.resource_group_name
      scopes              = [format("/subscriptions/%s", var.azure_subscription_id)]
      criteria = {
        category = "Security"
        level    = "Error"
      }
    }

    "advisor" = {
      custom_name         = "${var.stack}-global-advisor-alerts"
      description         = "Advisor global Subscription alerts"
      resource_group_name = module.rg.resource_group_name
      scopes              = [format("/subscriptions/%s", var.azure_subscription_id)]
      criteria = {
        category = "Recommendation"
        level    = "Informational"
      }
    }

    "managed-disks" = {
      custom_name         = "${var.stack}-global-managed-disks-alerts"
      description         = "Azure disks movements alerts"
      resource_group_name = module.rg.resource_group_name
      scopes              = [format("/subscriptions/%s", var.azure_subscription_id)]
      criteria = {
        category      = "Administrative"
        resource_type = "Microsoft.Compute/disks"
        level         = "Informational"
        status        = "Succeeded"
      }
    }
  }

  extra_tags = {
    purpose = "alerting testing"
  }
}

Providers

Name	Version
azurecaf	~> 1.2, >= 1.2.22
azurerm	>= 2.56

Modules

No modules.

Resources

Name	Type
azurerm_monitor_action_group.action_group_notification	resource
azurerm_monitor_activity_log_alert.activity_log_alert	resource
azurerm_monitor_metric_alert.metric_alert	resource
azurecaf_name.action_group	data source
azurecaf_name.activity_log_alerts	data source
azurecaf_name.metric_alerts	data source

Inputs

Name	Description	Type	Default	Required
action_group_emails	Map of Emails to notify. Example: { ml-devops = devops@contoso.com }.	map(string)	{}	no
action_group_short_name	Action Group short name	string	n/a	yes
action_group_webhooks	Map of Webhooks to notify. Example: { PagerDuty = 'https://events.pagerduty.com/integration/abcdefgh12345azerty/enqueue' }.	map(string)	{}	no
activity_log_alerts	Map of Activity log Alerts.	map(object({ description = optional(string) custom_name = optional(string) resource_group_name = optional(string) scopes = list(string) criteria = object({ operation_name = optional(string) category = optional(string, "Recommendation") level = optional(string, "Error") status = optional(string) resource_provider = optional(string) resource_type = optional(string) resource_group = optional(string) resource_id = optional(string) }) }))	{}	no
client_name	Client name/account used in naming.	string	n/a	yes
custom_action_group_name	Optional custom Action Group name	string	null	no
default_tags_enabled	Option to enable or disable default tags.	bool	true	no
environment	Project environment.	string	n/a	yes
extra_tags	Extra tags to set on each created resource.	map(string)	{}	no
location_short	Short string for Azure location.	string	n/a	yes
metric_alerts	Map of metric Alerts	map(object({ custom_name = optional(string, null) description = optional(string, null) resource_group_name = optional(string) scopes = optional(list(string), []) enabled = optional(bool, true) auto_mitigate = optional(bool, true) severity = optional(number, 3) frequency = optional(string, "PT5M") window_size = optional(string, "PT5M") target_resource_type = optional(string, null) target_resource_location = optional(string, null) tags = optional(map(string), {}) criteria = optional(list(object({ metric_namespace = string metric_name = string aggregation = string operator = string threshold = number skip_metric_validation = optional(bool, false) dimension = optional(list(object({ name = string operator = optional(string, "Include") values = list(string) })), []) })), []) dynamic_criteria = optional(list(object({ metric_namespace = string metric_name = string aggregation = string operator = string alert_sensitivity = optional(string, "Medium") evaluation_total_count = optional(number, 4) evaluation_failure_count = optional(number, 4) ignore_data_before = optional(string) skip_metric_validation = optional(bool, false) dimension = optional(list(object({ name = string operator = optional(string, "Include") values = list(string) })), []) })), []) application_insights_web_test_location_availability_criteria = optional(object({ web_test_id = string component_id = string failed_location_count = number }), null) }))	{}	no
name_prefix	Optional prefix for the generated name	string	""	no
name_suffix	Optional suffix for the generated name	string	""	no
resource_group_name	Resource group name.	string	n/a	yes
service_health	A block supports the following: events, locations and services. https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_activity_log_alert	object({ events = optional(string, "Incident") locations = optional(string, "Global") services = optional(string) })	null	no
stack	Project stack name.	string	n/a	yes
use_caf_naming	Use the Azure CAF naming provider to generate default resource name. custom_action_group_name override this if set. Legacy default name is used if this is set to false.	bool	true	no

Outputs

Name	Description
action_group_id	Notification Action Group ID
action_group_name	Notification Action Group name
activity_log_alerts	Activity log alerts attributes

Related documentation

Microsoft Azure documentation:

• Activity Log alerts
• Activity Log view
• Activity Log PagerDuty

Github issues

Additional fields for Service Health (Regions and Services): hashicorp/terraform-provider-azurerm#2996

This is fixed now with AzureRM provider v2.56.0: azurerm_monitor_activity_log_alert - support for service_health (#10978)