wbyc/terraform-datadog-old-monitors
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MON-237 - KeyVault monitors added

Browse Source
This commit is contained in:
Alexandre Gaillet 2018-07-06 14:37:40 +02:00 committed by Laurent Piroelle
parent c8f5e0e03e
commit a8ab2368d9
6 changed files with 271 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cloud/azure/README.md
View File

@ -186,6 +186,15 @@ Inputs
| iothub_total_devices_silenced | Groups to mute for IoT Hub total devices monitor | map | `<map>` | no | | iothub_total_devices_silenced | Groups to mute for IoT Hub total devices monitor | map | `<map>` | no |
| iothub_total_devices_time_aggregator | Monitor aggregator for IoT Hub total devices [available values: min, max or avg] | string | `min` | no | | iothub_total_devices_time_aggregator | Monitor aggregator for IoT Hub total devices [available values: min, max or avg] | string | `min` | no |
| iothub_total_devices_timeframe | Monitor timeframe for IoT Hub total devices [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`] | string | `last_5m` | no | | iothub_total_devices_timeframe | Monitor timeframe for IoT Hub total devices [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`] | string | `last_5m` | no |
| keyvault_api_result_message | Custom message for Key Vault API result monitor | string | `` | no |
| keyvault_api_result_silenced | Groups to mute for Key Vault API result monitor | map | `<map>` | no |
| keyvault_api_result_threshold_critical | Critical threshold for Key Vault API result rate | string | `10` | no |
| keyvault_api_result_threshold_warning | Warning threshold for Key Vault API result rate | string | `30` | no |
| keyvault_api_result_timeframe | Monitor timeframe for Key Vault API result [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`] | string | `last_30m` | no |
| keyvault_status_message | Custom message for Key Vault status monitor | string | `` | no |
| keyvault_status_silenced | Groups to mute for Key Vault status monitor | map | `<map>` | no |
| keyvault_status_time_aggregator | Monitor aggregator for Key Vault status [available values: min, max or avg] | string | `max` | no |
| keyvault_status_timeframe | Monitor timeframe for Key Vault status [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`] | string | `last_15m` | no |
| message | Message sent when a monitor is triggered | string | - | yes | | message | Message sent when a monitor is triggered | string | - | yes |
| non_taggable_filter_tags | Tags used for filtering for components without tag support | string | `*` | no | | non_taggable_filter_tags | Tags used for filtering for components without tag support | string | `*` | no |
| redis_evictedkeys_limit_message | Custom message for Redis evicted keys monitor | string | `` | no | | redis_evictedkeys_limit_message | Custom message for Redis evicted keys monitor | string | `` | no |

50
cloud/azure/inputs.tf
View File

@ -1705,3 +1705,53 @@ variable "datalakestore_status_timeframe" {
description = "Monitor timeframe for Datalake Store status [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`]" description = "Monitor timeframe for Datalake Store status [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`]"
default = "last_15m" default = "last_15m"
} }
variable "keyvault_status_silenced" {
description = "Groups to mute for Key Vault status monitor"
type = "map"
default = {}
}
variable "keyvault_status_message" {
description = "Custom message for Key Vault status monitor"
type = "string"
default = ""
}
variable "keyvault_status_time_aggregator" {
description = "Monitor aggregator for Key Vault status [available values: min, max or avg]"
type = "string"
default = "max"
}
variable "keyvault_status_timeframe" {
description = "Monitor timeframe for Key Vault status [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`]"
default = "last_15m"
}
variable "keyvault_api_result_silenced" {
description = "Groups to mute for Key Vault API result monitor"
type = "map"
default = {}
}
variable "keyvault_api_result_message" {
description = "Custom message for Key Vault API result monitor"
type = "string"
default = ""
}
variable "keyvault_api_result_timeframe" {
description = "Monitor timeframe for Key Vault API result [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`]"
default = "last_30m"
}
variable "keyvault_api_result_threshold_critical" {
description = "Critical threshold for Key Vault API result rate"
default = 10
}
variable "keyvault_api_result_threshold_warning" {
description = "Warning threshold for Key Vault API result rate"
default = 30
}

49
cloud/azure/keyvault/README.md Normal file
View File

@ -0,0 +1,49 @@
Key Vault Datadog monitor
=========================
How to use this module
----------------------
```
module "datadog-monitors-azure-keyvault" {
source = "git::ssh://git@bitbucket.org/morea/terraform.feature.datadog.git//cloud/azure/keyvault?ref={revision}"
message = "${module.datadog-message-alerting.alerting-message}"
environment = "${var.environment}"
}
```
Purpose
-------
Creates a Datadog monitor with the following checks :
* Service status check
* API result rate
Inputs
------
| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| api_result_message | Custom message for Key Vault API result monitor | string | `` | no |
| api_result_silenced | Groups to mute for Key Vault API result monitor | map | `<map>` | no |
| api_result_threshold_critical | Critical threshold for Key Vault API result rate | string | `10` | no |
| api_result_threshold_warning | Warning threshold for Key Vault API result rate | string | `30` | no |
| api_result_timeframe | Monitor timeframe for Key Vault API result [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`] | string | `last_30m` | no |
| delay | Delay in seconds for the metric evaluation | string | `900` | no |
| environment | Architecture environment | string | - | yes |
| filter_tags_custom | Tags used for custom filtering when filter_tags_use_defaults is false | string | `*` | no |
| filter_tags_use_defaults | Use default filter tags convention | string | `true` | no |
| message | Message sent when a monitor is triggered | string | - | yes |
| status_message | Custom message for Key Vault status monitor | string | `` | no |
| status_silenced | Groups to mute for Key Vault status monitor | map | `<map>` | no |
| status_time_aggregator | Monitor aggregator for Key Vault status [available values: min, max or avg] | string | `max` | no |
| status_timeframe | Monitor timeframe for Key Vault status [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`] | string | `last_15m` | no |
Related documentation
---------------------
DataDog documentation : [https://docs.datadoghq.com/integrations/azure/](https://docs.datadoghq.com/integrations/azure/)
You must search `keyvault`, there is no integration for now.
Azure metrics documentation : [https://docs.microsoft.com/fr-fr/azure/monitoring-and-diagnostics/monitoring-supported-metrics#microsoftkeyvaultvaults](https://docs.microsoft.com/fr-fr/azure/monitoring-and-diagnostics/monitoring-supported-metrics#microsoftkeyvaultvaults)

74
cloud/azure/keyvault/inputs.tf Normal file
View File

@ -0,0 +1,74 @@
variable "environment" {
description = "Architecture environment"
type = "string"
}
variable "filter_tags_use_defaults" {
description = "Use default filter tags convention"
default = "true"
}
variable "filter_tags_custom" {
description = "Tags used for custom filtering when filter_tags_use_defaults is false"
default = "*"
}
variable "message" {
description = "Message sent when a monitor is triggered"
}
variable "delay" {
description = "Delay in seconds for the metric evaluation"
default = 900
}
# Azure Key Vault specific variables
variable "status_silenced" {
description = "Groups to mute for Key Vault status monitor"
type = "map"
default = {}
}
variable "status_message" {
description = "Custom message for Key Vault status monitor"
type = "string"
default = ""
}
variable "status_time_aggregator" {
description = "Monitor aggregator for Key Vault status [available values: min, max or avg]"
type = "string"
default = "max"
}
variable "status_timeframe" {
description = "Monitor timeframe for Key Vault status [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`]"
default = "last_15m"
}
variable "api_result_silenced" {
description = "Groups to mute for Key Vault API result monitor"
type = "map"
default = {}
}
variable "api_result_message" {
description = "Custom message for Key Vault API result monitor"
type = "string"
default = ""
}
variable "api_result_timeframe" {
description = "Monitor timeframe for Key Vault API result [available values: `last_#m` (1, 5, 10, 15, or 30), `last_#h` (1, 2, or 4), or `last_1d`]"
default = "last_30m"
}
variable "api_result_threshold_critical" {
description = "Critical threshold for Key Vault API result rate"
default = 10
}
variable "api_result_threshold_warning" {
description = "Warning threshold for Key Vault API result rate"
default = 30
}

67
cloud/azure/keyvault/monitors-keyvault.tf Normal file
View File

@ -0,0 +1,67 @@
data "template_file" "filter" {
template = "$${filter}"
vars {
filter = "${var.filter_tags_use_defaults == "true" ? format("dd_monitoring:enabled,dd_azure_servicebus:enabled,env:%s", var.environment) : "${var.filter_tags_custom}"}"
}
}
resource "datadog_monitor" "keyvault_status" {
name = "[${var.environment}] Key Vault is down"
message = "${coalesce(var.status_message, var.message)}"
query = <<EOF
${var.status_time_aggregator}(${var.status_timeframe}): (
avg:azure.keyvault_vaults.status{${data.template_file.filter.rendered}} by {resource_group,region,name}
) != 1
EOF
type = "metric alert"
silenced = "${var.status_silenced}"
notify_no_data = true
evaluation_delay = "${var.delay}"
renotify_interval = 0
notify_audit = false
timeout_h = 0
include_tags = true
locked = false
require_full_window = false
new_host_delay = "${var.delay}"
tags = ["env:${var.environment}", "resource:keyvault", "team:azure", "provider:azure"]
}
resource "datadog_monitor" "keyvault_api_result" {
name = "[${var.environment}] Key Vault API result rate is low {{#is_alert}}{{{comparator}}} {{threshold}}% ({{value}}%){{/is_alert}}{{#is_warning}}{{{comparator}}} {{warn_threshold}}% ({{value}}%){{/is_warning}}"
message = "${coalesce(var.status_message, var.message)}"
query = <<EOF
sum(${var.api_result_timeframe}): (
avg:azure.keyvault_vaults.service_api_result{${data.template_file.filter.rendered}} by {name,resource_group,region}.as_count() /
avg:azure.keyvault_vaults.service_api_hit{${data.template_file.filter.rendered}} by {name,resource_group,region}.as_count()
) * 100 < ${var.api_result_threshold_critical}
EOF
thresholds {
critical = "${var.api_result_threshold_critical}"
warning = "${var.api_result_threshold_warning}"
}
type = "metric alert"
silenced = "${var.api_result_silenced}"
notify_no_data = true
evaluation_delay = "${var.delay}"
renotify_interval = 0
notify_audit = false
timeout_h = 0
include_tags = true
locked = false
require_full_window = false
new_host_delay = "${var.delay}"
tags = ["env:${var.environment}", "resource:keyvault", "team:azure", "provider:azure"]
}

22
cloud/azure/monitors.tf
View File

@ -429,3 +429,25 @@ module "datalakestore" {
status_timeframe = "${var.datalakestore_status_timeframe}" status_timeframe = "${var.datalakestore_status_timeframe}"
status_time_aggregator = "${var.datalakestore_status_time_aggregator}" status_time_aggregator = "${var.datalakestore_status_time_aggregator}"
} }
module "keyvault" {
source = "./keyvault"
environment = "${var.environment}"
message = "${var.message}"
delay = "${var.delay}"
filter_tags_use_defaults = "${var.filter_tags_use_defaults}"
filter_tags_custom = "${var.filter_tags_custom}"
status_silenced = "${var.keyvault_status_silenced}"
status_message = "${var.keyvault_status_message}"
status_timeframe = "${var.keyvault_status_timeframe}"
status_time_aggregator = "${var.keyvault_status_time_aggregator}"
api_result_silenced = "${var.keyvault_api_result_silenced}"
api_result_message = "${var.keyvault_api_result_message}"
api_result_timeframe = "${var.keyvault_api_result_timeframe}"
api_result_threshold_critical = "${var.keyvault_api_result_threshold_critical}"
api_result_threshold_warning = "${var.keyvault_api_result_threshold_warning}"
}