feat: DTOSS-8458: Create a terraform module for azure action group (#145)

* DTOSS-8458: Create a Terraform module for Azure Action Group

* DTOSS-8458: Create a Terraform module for Azure Action Group

* Pr changes

* Pr changes

* Pr changes

Author: mrlockstar

infrastructure/.gitignore

@@ -11,12 +11,6 @@
 crash.log
 crash.*.log
 
-# Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version
-# control as they are data points which are potentially sensitive and subject
-# to change depending on the environment.
-*.tfvars
-*.tfvars.json
 
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in

infrastructure/modules/monitor-action-group/examples/example.tfvars

@@ -0,0 +1,64 @@
+regions = {
+  uksouth = {
+    is_primary_region = true
+    address_space     = "10.113.0.0/16"
+    connect_peering   = false
+    subnets           = {}
+  }
+}
+
+monitor_action_group = {
+
+  action_group_1 = {
+    short_name = "group1"
+    email_receiver = {
+      alert_team = {
+        name                    = "email1"
+        email_address           = "alert_team@testing.com"
+        use_common_alert_schema = false
+      }
+
+      devops = {
+        name                    = "email2"
+        email_address           = "devops@testing.com"
+        use_common_alert_schema = false
+      }
+    }
+  }
+
+  action_group_2 = {
+    short_name = "group2"
+    webhook_receiver = {
+      slack_alerts = {
+        name                    = "slack_alerts"
+        service_uri             = "http://example.com/alert1"
+        use_common_alert_schema = false
+      }
+      monitoring_alerts = {
+        name                    = "webhook2"
+        service_uri             = "http://example.com/slack"
+        use_common_alert_schema = false
+      }
+    }
+  }
+
+  action_group_3 = {
+    short_name = "group3"
+    voice_receiver = {
+      alerts1 = {
+        name         = "voice_alerts"
+        country_code = "44"
+        phone_number = "1234567890"
+      }
+    }
+
+    sms_receiver = {
+      alerts2 = {
+        name         = "sms_alerts"
+        country_code = "44"
+        phone_number = "1234567890"
+      }
+    }
+  }
+
+}

infrastructure/modules/monitor-action-group/examples/main.tf

@@ -0,0 +1,34 @@
+module "monitor_action_group" {
+  for_each = local.monitor_action_group_map
+
+  source = "../monitor-action-group"
+
+  name                = "${module.regions_config[each.value.region].names.monitor-action-group}-${lower(each.value.short_name)}"
+  resource_group_name = azurerm_resource_group.core[each.value.region].name
+  location            = each.value.region
+  short_name          = each.value.short_name
+  email_receiver      = each.value.email_receiver
+  event_hub_receiver  = each.value.event_hub_receiver
+  sms_receiver        = each.value.sms_receiver
+  voice_receiver      = each.value.voice_receiver
+  webhook_receiver    = each.value.webhook_receiver
+}
+
+locals {
+  monitor_action_group_object_list = flatten([
+    for region in keys(var.regions) : [
+      for action_group_key, action_group_details in var.monitor_action_group : merge(
+        {
+          region           = region
+          action_group_key = action_group_key
+        },
+        action_group_details
+      )
+    ]
+  ])
+
+  # ...then project the list of objects into a map with unique keys (combining the iterators), for consumption by a for_each meta argument
+  monitor_action_group_map = {
+    for object in local.monitor_action_group_object_list : "${object.action_group_key}-${object.region}" => object
+  }
+}

infrastructure/modules/monitor-action-group/examples/variables.tf

@@ -0,0 +1,51 @@
+variable "regions" {
+  type = map(object({
+    address_space     = optional(string)
+    is_primary_region = bool
+    connect_peering   = optional(bool, false)
+    subnets = optional(map(object({
+      cidr_newbits               = string
+      cidr_offset                = string
+      create_nsg                 = optional(bool, true) # defaults to true
+      name                       = optional(string)     # Optional name override
+      delegation_name            = optional(string)
+      service_delegation_name    = optional(string)
+      service_delegation_actions = optional(list(string))
+    })))
+  }))
+}
+
+variable "monitor_action_group" {
+  description = "Default configuration for the monitor action groups."
+  type = map(object({
+    short_name = string
+    email_receiver = optional(map(object({
+      name                    = string
+      email_address           = string
+      use_common_alert_schema = optional(bool, false)
+    })))
+    event_hub_receiver = optional(map(object({
+      name                    = string
+      event_hub_namespace     = string
+      event_hub_name          = string
+      subscription_id         = string
+      use_common_alert_schema = optional(bool, false)
+    })))
+    sms_receiver = optional(map(object({
+      name         = string
+      country_code = string
+      phone_number = string
+    })))
+    voice_receiver = optional(map(object({
+      name         = string
+      country_code = string
+      phone_number = string
+    })))
+    webhook_receiver = optional(map(object({
+      name                    = string
+      service_uri             = string
+      use_common_alert_schema = optional(bool, false)
+    })))
+
+  }))
+}

infrastructure/modules/monitor-action-group/main.tf

@@ -0,0 +1,53 @@
+resource "azurerm_monitor_action_group" "this" {
+  name                = var.name
+  resource_group_name = var.resource_group_name
+  short_name          = var.short_name
+
+  dynamic "email_receiver" {
+    for_each = var.email_receiver != null ? var.email_receiver : {}
+    content {
+      name                    = email_receiver.value.name
+      email_address           = email_receiver.value.email_address
+      use_common_alert_schema = email_receiver.value.use_common_alert_schema
+    }
+  }
+
+  dynamic "event_hub_receiver" {
+    for_each = var.event_hub_receiver != null ? var.event_hub_receiver : {}
+    content {
+      name                    = event_hub_receiver.value.name
+      event_hub_namespace     = event_hub_receiver.value.event_hub_namespace
+      event_hub_name          = event_hub_receiver.value.event_hub_name
+      subscription_id         = event_hub_receiver.value.subscription_id
+      use_common_alert_schema = event_hub_receiver.value.use_common_alert_schema
+    }
+  }
+
+  dynamic "sms_receiver" {
+    for_each = var.sms_receiver != null ? var.sms_receiver : {}
+    content {
+      name         = sms_receiver.value.name
+      country_code = sms_receiver.value.country_code
+      phone_number = sms_receiver.value.phone_number
+    }
+  }
+
+  dynamic "voice_receiver" {
+    for_each = var.voice_receiver != null ? var.voice_receiver : {}
+    content {
+      name         = voice_receiver.value.name
+      country_code = voice_receiver.value.country_code
+      phone_number = voice_receiver.value.phone_number
+    }
+  }
+
+  dynamic "webhook_receiver" {
+    for_each = var.webhook_receiver != null ? var.webhook_receiver : {}
+    content {
+      name                    = webhook_receiver.value.name
+      service_uri             = webhook_receiver.value.service_uri
+      use_common_alert_schema = webhook_receiver.value.use_common_alert_schema
+    }
+  }
+
+}

infrastructure/modules/monitor-action-group/variables.tf

@@ -0,0 +1,81 @@
+variable "name" {
+  type        = string
+  description = "value of the name of the diagnostic setting"
+}
+
+variable "resource_group_name" {
+  description = "The name of the resource group in which to create the monitor action group."
+  type        = string
+}
+
+variable "short_name" {
+  description = "The short name of the action group. This will be used in SMS messages."
+  type        = string
+}
+
+variable "email_receiver" {
+  description = "Email receiver properties."
+  type = map(object({
+    name                    = string
+    email_address           = string
+    use_common_alert_schema = optional(bool, false)
+  }))
+  default = null
+}
+
+variable "event_hub_receiver" {
+  description = "event hub receiver properties."
+  type = map(object({
+    name                    = string
+    event_hub_namespace     = string
+    event_hub_name          = string
+    subscription_id         = string
+    use_common_alert_schema = bool
+  }))
+  default = null
+}
+
+variable "sms_receiver" {
+  description = "sms receiver properties."
+  type = map(object({
+    name         = string
+    country_code = string
+    phone_number = string
+  }))
+  default = null
+}
+
+variable "voice_receiver" {
+  description = "voice receiver properties."
+  type = map(object({
+    name         = string
+    country_code = string
+    phone_number = string
+  }))
+  default = null
+}
+
+variable "webhook_receiver" {
+  description = "webhook receiver properties."
+  type = map(object({
+    name                    = string
+    service_uri             = string
+    use_common_alert_schema = bool
+  }))
+  default = null
+}
+
+variable "location" {
+  description = "The location/region where the Event Hub namespace is created."
+  type        = string
+  validation {
+    condition     = contains(["uksouth", "ukwest"], var.location)
+    error_message = "The location must be either uksouth or ukwest."
+  }
+}
+
+variable "tags" {
+  description = "A mapping of tags to assign to the resource."
+  type        = map(string)
+  default     = {}
+}

infrastructure/modules/shared-config/output.tf

@@ -121,6 +121,7 @@ locals {
     logic-app                           = lower("LA-${var.env}-${var.location_map[var.location]}-${var.application}")
     managed-devops-pool                 = lower("private-pool-${var.env}-${var.location_map[var.location]}")
     managed-identity                    = lower("MI-${var.env}-${var.location_map[var.location]}-${var.application}")
+    monitor-action-group                = lower("AG-${var.env}-${var.location_map[var.location]}-${var.application}")
     network-interface                   = upper("${var.env}-${var.location_map[var.location]}-${var.application}")
     network-security-group              = upper("NSG-${var.env}-${var.location_map[var.location]}-${var.application}")
     postgres-sql-server                 = lower("postgres-${var.application}-${var.env}-${var.location_map[var.location]}")