gsf
left a comment
Could we bring the lambda code itself into the alarm-to-slack directory? This is a great start and I think it could be turned into a general lambda, one per account, that listens for cloudwatch alarms for all teams and sends them on to the relevant channels.
| } | ||
|
|
||
| variable "env" { | ||
| description = "The application environment (dev, test, sandbox,prod)" |
Missing a space before prod here.
MEspositoE14s
left a comment
LGTM!
Does this mean I have to finally learn Python now?
| tags = { | ||
| application = var.app | ||
| business = "oeda" | ||
| code = "https://github.com/CMSgov/ab2d-bcda-dpc-platform/tree/main/terraform/services/alarm-to-slack" |
Might as well make this CMSgov/cdap now.
Actually, it should just be pointing to itself, since it is in the same repo!
Oh wait, nm...
The lambda zipping can be done in terraform with an archive_file data source and a filename attribute in the aws_lambda_function resource, but it would involve extending the function module. That can be left for a future PR.
As discussed in Slack, this could also be updated in the future to accept multiple SNS topics and route accordingly, allowing for a single lambda in each account to handle all alarms going to Slack.
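A sketch of the per-account routing lambda described in the comment above, as an added example that is not code from this PR or the CMSgov repository. The topic ARNs, environment variable names and sample event are constructed; escaping `&`, `<` and `>` follows Slack's message-formatting rules so alarm text cannot inject mentions or links.

```python
import json
import os
import urllib.request

# Hypothetical routes: SNS topic ARN -> env var holding that team's webhook URL.
ROUTES = {
    "arn:aws:sns:us-east-1:111111111111:team-a-alarms": "SLACK_WEBHOOK_TEAM_A",
    "arn:aws:sns:us-east-1:111111111111:team-b-alarms": "SLACK_WEBHOOK_TEAM_B",
}

# Constructed sample of the event an SNS subscription delivers to Lambda.
SAMPLE_EVENT = {"Records": [{"Sns": {
    "TopicArn": "arn:aws:sns:us-east-1:111111111111:team-a-alarms",
    "Message": json.dumps({"AlarmName": "api-5xx", "NewStateValue": "ALARM",
                           "NewStateReason": "Threshold crossed <!channel>"})}}]}

def escape(text):
    """Escape Slack control characters so alarm text cannot add mentions or links."""
    return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")

def slack_payload(sns):
    """Build the webhook body from one record's 'Sns' object."""
    raw = str(sns.get("Message", ""))
    try:
        alarm = json.loads(raw)
    except ValueError:
        alarm = None
    if not isinstance(alarm, dict):  # not an alarm body: forward a bounded excerpt
        return {"text": escape("Unparsed SNS message: " + raw[:500])}
    line = "[{}] {}: {}".format(alarm.get("NewStateValue", "UNKNOWN"),
                                alarm.get("AlarmName", "?"), alarm.get("NewStateReason", ""))
    return {"text": escape(line[:3000])}

def plan(event):
    """Pair each record with its destination; topics without a route are dropped."""
    records = [r.get("Sns", {}) for r in event.get("Records", [])]
    # Route on the envelope's TopicArn, never on fields inside the message body.
    return [(ROUTES[s["TopicArn"]], slack_payload(s))
            for s in records if s.get("TopicArn") in ROUTES]

def handler(event, context):
    for env_name, payload in plan(event):
        req = urllib.request.Request(
            os.environ[env_name],  # the webhook URL is a secret kept in configuration
            data=json.dumps(payload).encode(),
            headers={"Content-Type": "application/json"})
        urllib.request.urlopen(req, timeout=5)
```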
| @@ -0,0 +1 @@ | |||
| __pycache__ | |||
This can be added to the top-level .gitignore.
🎫 Ticket
https://jira.cms.gov/browse/DPC-4713
🛠 Changes
Added lambda triggered by SNS message from CloudWatch alarm. Includes deploy workflow and the executable code.
ℹ️ Context
DPC is no longer allowed to use ChatBot to send messages to dpc-alerts from AWS, so we are following a recommendation to have alerts trigger a lambda that sends them to a slack webhook.
The infrastructure still builds S3 buckets, although this is not used for actual deployment.
🧪 Validation
Workflow which tests code and terraform passes.
Deployed to dev manually and triggered manually and it worked.
Samples:
