
Commit

Merge pull request #26 from BCDevOps/failure-alerts
add event bridge rule for failure alerts
wrnu authored Dec 13, 2023
2 parents 2f1bcb1 + ec50168 commit 52fd246
Showing 4 changed files with 54 additions and 1 deletion.
2 changes: 2 additions & 0 deletions main.tf
Expand Up @@ -11,6 +11,8 @@ module "management-account" {
module "operations-account" {
source = "./terraform/operations-account"
lz_mgmt_account_id = var.mgmt_account_id
lambda_arn = var.lambda_arn
lambda_function_name= var.lambda_function_name

providers = {
aws = aws.Operations-account
33 changes: 32 additions & 1 deletion terraform/operations-account/main.tf
Expand Up @@ -300,6 +300,37 @@ resource "aws_ecs_cluster" "billing_reports_ecs_cluster" {
}
}

# adding the event bridge rule failure alerts
resource "aws_cloudwatch_event_rule" "ecs_task_state_change" {
name = "ecs-task-state-change"
description = "Triggers on ECS task state changes from RUNNING to STOPPED for ${local.app_name}-cluster"

event_pattern = jsonencode({
source : ["aws.ecs"],
"detail-type" : ["ECS Task State Change"],
detail : {
clusterArn : [aws_ecs_cluster.billing_reports_ecs_cluster.arn],
lastStatus : ["STOPPED"],
desiredStatus : ["STOPPED"]
}
})
}


resource "aws_cloudwatch_event_target" "lambda_target" {
rule = aws_cloudwatch_event_rule.ecs_task_state_change.name
target_id = "TargetFunctionV1"
arn = var.lambda_arn
}

resource "aws_lambda_permission" "allow_cloudwatch_to_call" {
statement_id = "AllowExecutionFromCloudWatch"
action = "lambda:InvokeFunction"
function_name = var.lambda_function_name
principal = "events.amazonaws.com"
source_arn = aws_cloudwatch_event_rule.ecs_task_state_change.arn
}

resource "aws_ecs_task_definition" "billing_reports_ecs_task" {
family = "${local.app_name}-ecs-task"
network_mode = "awsvpc"
Expand All @@ -310,7 +341,7 @@ resource "aws_ecs_task_definition" "billing_reports_ecs_task" {
task_role_arn = aws_iam_role.ecs_task_role.arn
runtime_platform {
operating_system_family = "LINUX"
# cpu_architecture = "ARM64" // Used when testing deployment from Local ARM64 based device
# cpu_architecture = "ARM64" // Used when testing deployment from Local ARM64 based device
}
container_definitions = jsonencode([{
name = "${local.app_name}-ecs-container-${data.aws_caller_identity.current.account_id}-${data.aws_region.current.name}"
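Review bot: The pattern in `ecs_task_state_change` matches every task in the cluster that reaches `STOPPED`, so a rule intended for failure alerts also fires when a task exits normally, and the description's "from RUNNING to STOPPED" is not something the pattern checks. Unless the target function (not visible here) filters by exit status, narrow the match under `detail`, for example `containers : { exitCode : [{ "anything-but" : 0 }] }`, keeping in mind that tasks which never start report no exit code and may need a separate `stopCode` match. Routine stops reaching the alert channel make real failures easy to miss. The target also has no `dead_letter_config`, so an event the function cannot be invoked for is dropped without a trace once retries run out.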
11 changes: 11 additions & 0 deletions terraform/operations-account/variables.tf
Expand Up @@ -11,3 +11,14 @@ variable "lz_mgmt_account_id" {

type = string
}

variable "lambda_arn" {
description = "ARN of the Lambda function"
type = string
}

variable "lambda_function_name" {
description = "Name of the Lambda function"
type = string
}
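Review bot: `lambda_arn` and `lambda_function_name` are two unvalidated strings that must name the same function, and nothing in the module checks that they do. If they drift, `allow_cloudwatch_to_call` grants invoke permission on one function while `lambda_target` points at another, and the alerts stop arriving without any error at plan or apply time. `function_name` on `aws_lambda_permission` accepts an ARN, so the module could take only `lambda_arn` and use `function_name = var.lambda_arn`. If both inputs stay, add a `validation` block on `lambda_arn` that rejects values that do not look like a Lambda function ARN.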

9 changes: 9 additions & 0 deletions variables.tf
Expand Up @@ -9,3 +9,12 @@ variable "mgmt_account_id" {
variable "mgmt_account_phase1_bucket_suffix" {
description = "The suffix for the phase1 bucket in the management account."
}
variable "lambda_arn" {
description = "ARN of the Lambda function"
type = string
}

variable "lambda_function_name" {
description = "ARN of the Lambda function"
type = string
}
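Review bot: The description of `lambda_function_name` reads "ARN of the Lambda function", which looks copied from `lambda_arn` just above it; the module's own variables.tf describes the same input as the function name. Proposed: `description = "Name of the Lambda function"`. A wrong description here invites passing an ARN for one input and a name for the other from different sources, which is how the two values end up pointing at different functions.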
