initial public commit

Author: lorenzoaiello

.gitignore

@@ -0,0 +1,29 @@
+# Local dev things
+.idea
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf

.gitlab-ci.yml

@@ -0,0 +1,21 @@
+image:
+  name: hashicorp/terraform:light
+  entrypoint:
+    - '/usr/bin/env'
+    - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
+
+cache:
+  paths:
+    - .terraform
+
+before_script:
+  - terraform --version
+
+stages:
+  - format
+
+format:
+  stage: format
+  script:
+    - terraform fmt -check
+

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Lorenzo Aiello
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,49 @@
+# Terraform Module for AWS ALB Cloudwatch Alarms
+
+This Terraform module manages Cloudwatch Alarms for an ALB in the region. It does NOT create or manage Load Balancers, only Metric Alarms.
+
+**Requires**:
+- AWS Provider
+- Terraform 0.12
+
+## Alarms Created
+
+Alarms Always Created:
+- Any 5xx errors from the target group
+- Any 5xx errors from the load balancer
+- Unacceptably high average response times
+
+**Estimated Operating Cost**: $ 0.30 / month
+
+- $ 0.10 / month for Metric Alarms (3x)
+
+## Example
+
+```hcl-terraform
+module "aws-efs-alarms" {
+  source            = "lorenzoaiello/nat-alarms/aws"
+  version           = "x.y.z"
+}
+
+```
+
+## Variables
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:-----:|
+| actions\_alarm | A list of actions to take when alarms are triggered. Will likely be an SNS topic for event distribution. | `list` | `[]` | no |
+| actions\_ok | A list of actions to take when alarms are cleared. Will likely be an SNS topic for event distribution. | `list` | `[]` | no |
+| evaluation\_period | The evaluation period over which to use when triggering alarms. | `string` | `"5"` | no |
+| load\_balancer\_id | ALB ID | `string` | n/a | yes |
+| prefix | Alarm Name Prefix | `string` | `""` | no |
+| response\_time\_threshold | The average number of milliseconds that requests should complete within. | `string` | `"50"` | no |
+| statistic\_period | The number of seconds that make each statistic period. | `string` | `"60"` | no |
+| target\_group\_id | Target Group ID | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| alarm\_httpcode\_lb\_5xx\_count | The CloudWatch Metric Alarm resource block for 5xx errors on the load balancer |
+| alarm\_httpcode\_target\_5xx\_counts | The CloudWatch Metric Alarm resource block for 5xx errors on the target group |
+| alarm\_target\_response\_time\_average | The CloudWatch Metric Alarm resource block for unacceptably high response time averages |

main.tf

@@ -0,0 +1,55 @@
+resource "aws_cloudwatch_metric_alarm" "httpcode_target_5xx_count" {
+  alarm_name          = "${var.prefix}alb-tg-${var.target_group_id}-high5XXCount"
+  comparison_operator = "GreaterThanThreshold"
+  evaluation_periods  = var.evaluation_period
+  metric_name         = "HTTPCode_Target_5XX_Count"
+  namespace           = "AWS/ApplicationELB"
+  period              = var.statistic_period
+  statistic           = "Sum"
+  threshold           = "0"
+  alarm_description   = "Average API 5XX target group error code count is too high"
+  alarm_actions       = var.actions_alarm
+  ok_actions          = var.actions_ok
+
+  dimensions = {
+    "TargetGroup"  = var.target_group_id
+    "LoadBalancer" = var.load_balancer_id
+  }
+}
+
+resource "aws_cloudwatch_metric_alarm" "httpcode_lb_5xx_count" {
+  alarm_name          = "${var.prefix}alb-${var.load_balancer_id}-high5XXCount"
+  comparison_operator = "GreaterThanThreshold"
+  evaluation_periods  = var.evaluation_period
+  metric_name         = "HTTPCode_ELB_5XX_Count"
+  namespace           = "AWS/ApplicationELB"
+  period              = var.statistic_period
+  statistic           = "Sum"
+  threshold           = "0"
+  alarm_description   = "Average API 5XX load balancer error code count is too high"
+  alarm_actions       = var.actions_alarm
+  ok_actions          = var.actions_ok
+
+  dimensions = {
+    "LoadBalancer" = var.load_balancer_id
+  }
+}
+
+resource "aws_cloudwatch_metric_alarm" "target_response_time_average" {
+  alarm_name          = "${var.prefix}alb-tg-${var.target_group_id}-highResponseTime"
+  comparison_operator = "GreaterThanThreshold"
+  evaluation_periods  = var.evaluation_period
+  metric_name         = "TargetResponseTime"
+  namespace           = "AWS/ApplicationELB"
+  period              = var.statistic_period
+  statistic           = "Average"
+  threshold           = var.response_time_threshold
+  alarm_description   = "Average API response time is too high"
+  alarm_actions       = var.actions_alarm
+  ok_actions          = var.actions_ok
+
+  dimensions = {
+    "TargetGroup"  = var.target_group_id
+    "LoadBalancer" = var.load_balancer_id
+  }
+}

outputs.tf

@@ -0,0 +1,14 @@
+output "alarm_httpcode_target_5xx_counts" {
+  value       = aws_cloudwatch_metric_alarm.httpcode_target_5xx_count
+  description = "The CloudWatch Metric Alarm resource block for 5xx errors on the target group"
+}
+
+output "alarm_httpcode_lb_5xx_count" {
+  value       = aws_cloudwatch_metric_alarm.httpcode_lb_5xx_count
+  description = "The CloudWatch Metric Alarm resource block for 5xx errors on the load balancer"
+}
+
+output "alarm_target_response_time_average" {
+  value       = aws_cloudwatch_metric_alarm.target_response_time_average
+  description = "The CloudWatch Metric Alarm resource block for unacceptably high response time averages"
+}

variables.tf

@@ -0,0 +1,45 @@
+variable "load_balancer_id" {
+  type        = "string"
+  description = "ALB ID"
+}
+
+variable "target_group_id" {
+  type        = "string"
+  description = "Target Group ID"
+}
+
+variable "prefix" {
+  type        = "string"
+  default     = ""
+  description = "Alarm Name Prefix"
+}
+
+variable "response_time_threshold" {
+  type        = "string"
+  default     = "50"
+  description = "The average number of milliseconds that requests should complete within."
+}
+
+variable "evaluation_period" {
+  type        = "string"
+  default     = "5"
+  description = "The evaluation period over which to use when triggering alarms."
+}
+
+variable "statistic_period" {
+  type        = "string"
+  default     = "60"
+  description = "The number of seconds that make each statistic period."
+}
+
+variable "actions_alarm" {
+  type        = "list"
+  default     = []
+  description = "A list of actions to take when alarms are triggered. Will likely be an SNS topic for event distribution."
+}
+
+variable "actions_ok" {
+  type        = "list"
+  default     = []
+  description = "A list of actions to take when alarms are cleared. Will likely be an SNS topic for event distribution."
+}