This Terraform module creates an OpenSearch alert for detecting specific conditions and sends notifications to a Slack channel. It allows users to configure various aspects of the alert, including the query, triggers, and Slack channel settings.
module "opensearch_alert" {
source = "github.com/ministryofjustice/cloud-platform-terraform-opensearch-alerts?ref=0.0.1"
secret_id = module.secret.secret_id
slack_channel_name = "slack-channel-name"
slack_channel_name_description = "slack-channel-description"
opensearch_alert_name = "opensearch-alert-name"
opensearch_alert_enabled = true
monitor_period_interval = 1
monitor_period_unit = "MINUTES"
alert_query = jsonencode(
{
Your_alert_query : query
}
)
trigger_name = "trigger-name"
serverity = "1"
query_source = "ctx.results[0].hits.total.value > 1"
action_name = "trigger-action-name"
slack_message_subject = "slack-message-subject"
slack_message_template = "Monitor {{ctx.monitor.name}} just entered alert status. Please investigate the issue.\n- Trigger: {{ctx.trigger.name}}\n- Severity: {{ctx.trigger.severity}}"
alert_throttle_enabled = true
throttle_value = 60
throttle_unit = "MINUTES"
}
For more details, you may refer to Cloud Platform User Guide.
Name | Version |
---|---|
terraform | >= 1.2.5 |
aws | ~> 5.31.0 |
kubernetes | 2.25.2 |
opensearch | 2.2.1 |
Name | Version |
---|---|
aws | ~> 5.31.0 |
opensearch.app_logs | 2.2.1 |
random | n/a |
No modules.
Name | Type |
---|---|
opensearch_channel_configuration.slack_alarm | resource |
opensearch_monitor.opensearch_alert | resource |
random_id.id | resource |
aws_caller_identity.current | data source |
aws_iam_role.os_access_role_app_logs | data source |
aws_opensearch_domain.live_app_logs | data source |
aws_partition.current | data source |
aws_region.current | data source |
aws_secretsmanager_secret_version.slack_webhook_url | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
action_name | Name of the action | string |
n/a | yes |
alert_query | The OpenSearch query in JSON format | string |
n/a | yes |
alert_throttle_enabled | Trigger for Slack channel | bool |
true |
no |
application | Application name | string |
n/a | yes |
business_unit | Area of the MOJ responsible for the service | string |
n/a | yes |
environment_name | Environment name | string |
n/a | yes |
indices | Indices to be monitored | list(string) |
[ |
no |
infrastructure_support | The team responsible for managing the infrastructure. Should be of the form () | string |
n/a | yes |
is_production | Whether this is used for production or not | string |
n/a | yes |
monitor_period_interval | Interval for the monitor schedule period | number |
1 |
no |
monitor_period_unit | Unit for the monitor schedule period | string |
"MINUTES" |
no |
namespace | Namespace name | string |
n/a | yes |
opensearch_alert_enabled | OpenSearch Alert Name | bool |
true |
no |
opensearch_alert_name | OpenSearch Alert Name | string |
n/a | yes |
query_source | Source script for the query condition | string |
"ctx.results[0].hits.total.value > 1" |
no |
secret_id | secret id from cloud-platform-terraform-secrets-manager module output | string |
n/a | yes |
serverity | Alert Serverity that only allows values from 1 to 5 | number |
1 |
no |
slack_channel_name | Slack Channel Name | string |
n/a | yes |
slack_channel_name_description | Slack Channel Description | string |
"" |
no |
slack_message_subject | Subject for Slack Message | string |
n/a | yes |
slack_message_template | Message template for Slack notifications | string |
"Monitor {{ctx.monitor.name}} just entered alert status. Please investigate the issue.\n- Trigger: {{ctx.trigger.name}}\n- Severity: {{ctx.trigger.severity}}\n" |
no |
team_name | Team name | string |
n/a | yes |
throttle_unit | Unit for the throttle | string |
"MINUTES" |
no |
throttle_value | Use throttling to limit the number of notifications you receive within a given time frame | number |
60 |
no |
trigger_name | Name of the trigger | string |
n/a | yes |
No outputs.
Some of the inputs for this module are tags. All infrastructure resources must be tagged to meet the MOJ Technical Guidance on Documenting owners of infrastructure.
You should use your namespace variables to populate these. See the Usage section for more information.