DTOSS-8458: Create a Terraform module for Azure Action Group

Author: mrlockstar

infrastructure/modules/monitor-action-group/examples/main.tf

@@ -1,16 +1,34 @@
 module "monitor_action_group" {
-  source = "./modules/monitor-action-group"
+  for_each = local.monitor_action_group_map
 
-  name                = "example-monitor-action-group"
-  resource_group_name = azurerm_resource_group.core[each.key].name
-  location            = each.key
-  short_name          = "testing123"
+  source = "../monitor-action-group"
 
-  email_receiver = [
-    {
-      name                    = "testing"
-      email_address           = "testing@testing.com"
-      use_common_alert_schema = false
-    }
-  ]
+  name                = "${module.regions_config[each.value.region].names.monitor-action-group}-${lower(each.value.short_name)}"
+  resource_group_name = azurerm_resource_group.core[each.value.region].name
+  location            = each.value.region
+  short_name          = each.value.short_name
+  email_receiver      = each.value.email_receiver
+  event_hub_receiver  = each.value.event_hub_receiver
+  sms_receiver        = each.value.sms_receiver
+  voice_receiver      = each.value.voice_receiver
+  webhook_receiver    = each.value.webhook_receiver
+}
+
+locals {
+  monitor_action_group_object_list = flatten([
+    for region in keys(var.regions) : [
+      for action_group_key, action_group_details in var.monitor_action_group : merge(
+        {
+          region           = region
+          action_group_key = action_group_key
+        },
+        action_group_details
+      )
+    ]
+  ])
+
+  # ...then project the list of objects into a map with unique keys (combining the iterators), for consumption by a for_each meta argument
+  monitor_action_group_map = {
+    for object in local.monitor_action_group_object_list : "${object.action_group_key}-${object.region}" => object
+  }
 }

infrastructure/modules/monitor-action-group/examples/variables.tf

@@ -0,0 +1,35 @@
+
+variable "monitor_action_group" {
+  description = "Default configuration for the monitor action groups."
+  type = map(object({
+    short_name = string
+    email_receiver = optional(map(object({
+      name                    = string
+      email_address           = string
+      use_common_alert_schema = optional(bool, false)
+    })))
+    event_hub_receiver = optional(map(object({
+      name                    = string
+      event_hub_namespace     = string
+      event_hub_name          = string
+      subscription_id         = string
+      use_common_alert_schema = optional(bool, false)
+    })))
+    sms_receiver = optional(map(object({
+      name         = string
+      country_code = string
+      phone_number = string
+    })))
+    voice_receiver = optional(map(object({
+      name         = string
+      country_code = string
+      phone_number = string
+    })))
+    webhook_receiver = optional(map(object({
+      name                    = string
+      service_uri             = string
+      use_common_alert_schema = optional(bool, false)
+    })))
+
+  }))
+}

infrastructure/modules/monitor-action-group/main.tf

@@ -1,100 +1,48 @@
-# resource "azurerm_log_analytics_workspace" "this" {
-#   name                = "workspace-01"
-#   location            = azurerm_resource_group.example.location
-#   resource_group_name = azurerm_resource_group.example.name
-# }
-
 resource "azurerm_monitor_action_group" "this" {
   name                = var.name
   resource_group_name = var.resource_group_name
   short_name          = var.short_name
 
-  # arm_role_receiver {
-  #   name                    = "armroleaction"
-  #   role_id                 = "de139f84-1756-47ae-9be6-808fbbe84772"
-  #   use_common_alert_schema = true
-  # }
-
-  # automation_runbook_receiver {
-  #   name                    = "action_name_1"
-  #   automation_account_id   = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-runbooks/providers/Microsoft.Automation/automationAccounts/aaa001"
-  #   runbook_name            = "my runbook"
-  #   webhook_resource_id     = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-runbooks/providers/Microsoft.Automation/automationAccounts/aaa001/webHooks/webhook_alert"
-  #   is_global_runbook       = true
-  #   service_uri             = "https://s13events.azure-automation.net/webhooks?token=randomtoken"
-  #   use_common_alert_schema = true
-  # }
-
-  # azure_app_push_receiver {
-  #   name          = "pushtoadmin"
-  #   email_address = "admin@contoso.com"
-  # }
-
-  # azure_function_receiver {
-  #   name                     = "funcaction"
-  #   function_app_resource_id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-funcapp/providers/Microsoft.Web/sites/funcapp"
-  #   function_name            = "myfunc"
-  #   http_trigger_url         = "https://example.com/trigger"
-  #   use_common_alert_schema  = true
-  # }
-
   dynamic "email_receiver" {
-    for_each = toset(var.email_receiver)
+    for_each = var.email_receiver != null ? var.email_receiver : {}
     content {
       name                    = email_receiver.value.name
       email_address           = email_receiver.value.email_address
       use_common_alert_schema = email_receiver.value.use_common_alert_schema
     }
   }
 
-  # email_receiver {
-  #   name          = "sendtoadmin"
-  #   email_address = "admin@contoso.com"
-  # }
-
-  # email_receiver {
-  #   name                    = "sendtodevops"
-  #   email_address           = "devops@contoso.com"
-  #   use_common_alert_schema = true
-  # }
-
-  # event_hub_receiver {
-  #   name                    = "sendtoeventhub"
-  #   event_hub_namespace     = "eventhubnamespace"
-  #   event_hub_name          = "eventhub1"
-  #   subscription_id         = "00000000-0000-0000-0000-000000000000"
-  #   use_common_alert_schema = false
-  # }
-
-  # itsm_receiver {
-  #   name                 = "createorupdateticket"
-  #   workspace_id         = "${data.azurerm_client_config.current.subscription_id}|${azurerm_log_analytics_workspace.example.workspace_id}"
-  #   connection_id        = "53de6956-42b4-41ba-be3c-b154cdf17b13"
-  #   ticket_configuration = "{\"PayloadRevision\":0,\"WorkItemType\":\"Incident\",\"UseTemplate\":false,\"WorkItemData\":\"{}\",\"CreateOneWIPerCI\":false}"
-  #   region               = "southcentralus"
-  # }
-
-  # logic_app_receiver {
-  #   name                    = "logicappaction"
-  #   resource_id             = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-logicapp/providers/Microsoft.Logic/workflows/logicapp"
-  #   callback_url            = "https://logicapptriggerurl/..."
-  #   use_common_alert_schema = true
-  # }
+  dynamic "event_hub_receiver" {
+    for_each = var.event_hub_receiver != null ? var.event_hub_receiver : {}
+    content {
+      name                    = event_hub_receiver.value.name
+      event_hub_namespace     = event_hub_receiver.value.event_hub_namespace
+      event_hub_name          = event_hub_receiver.value.event_hub_name
+      subscription_id         = event_hub_receiver.value.subscription_id
+      use_common_alert_schema = event_hub_receiver.value.use_common_alert_schema
+    }
+  }
 
-  # sms_receiver {
-  #   name         = "oncallmsg"
-  #   country_code = "1"
-  #   phone_number = "1231231234"
-  # }
+  dynamic "sms_receiver" {
+    for_each = var.sms_receiver != null ? var.sms_receiver : {}
+    content {
+      name         = sms_receiver.value.name
+      country_code = sms_receiver.value.country_code
+      phone_number = sms_receiver.value.phone_number
+    }
+  }
 
-  # voice_receiver {
-  #   name         = "remotesupport"
-  #   country_code = "86"
-  #   phone_number = "13888888888"
-  # }
+  dynamic "voice_receiver" {
+    for_each = var.voice_receiver != null ? var.voice_receiver : {}
+    content {
+      name         = voice_receiver.value.name
+      country_code = voice_receiver.value.country_code
+      phone_number = voice_receiver.value.phone_number
+    }
+  }
 
   dynamic "webhook_receiver" {
-    for_each = toset(var.webhook_receiver)
+    for_each = var.webhook_receiver != null ? var.webhook_receiver : {}
     content {
       name                    = webhook_receiver.value.name
       service_uri             = webhook_receiver.value.service_uri

infrastructure/modules/monitor-action-group/variables.tf

@@ -14,23 +14,55 @@ variable "short_name" {
 }
 
 variable "email_receiver" {
-  description = "email receiver properties."
-  type = list(object({
+  description = "Email receiver properties."
+  type = map(object({
     name                    = string
     email_address           = string
+    use_common_alert_schema = optional(bool, false)
+  }))
+  default = {}
+}
+
+variable "event_hub_receiver" {
+  description = "event hub receiver properties."
+  type = map(object({
+    name                    = string
+    event_hub_namespace     = string
+    event_hub_name          = string
+    subscription_id         = string
     use_common_alert_schema = bool
   }))
-  default = []
+  default = {}
+}
+
+variable "sms_receiver" {
+  description = "sms receiver properties."
+  type = map(object({
+    name         = string
+    country_code = string
+    phone_number = string
+  }))
+  default = {}
+}
+
+variable "voice_receiver" {
+  description = "voice receiver properties."
+  type = map(object({
+    name         = string
+    country_code = string
+    phone_number = string
+  }))
+  default = {}
 }
 
 variable "webhook_receiver" {
   description = "webhook receiver properties."
-  type = list(object({
+  type = map(object({
     name                    = string
     service_uri             = string
     use_common_alert_schema = bool
   }))
-  default = []
+  default = {}
 }
 
 variable "location" {

infrastructure/modules/shared-config/output.tf

@@ -121,7 +121,7 @@ locals {
     logic-app                           = lower("LA-${var.env}-${var.location_map[var.location]}-${var.application}")
     managed-devops-pool                 = lower("private-pool-${var.env}-${var.location_map[var.location]}")
     managed-identity                    = lower("MI-${var.env}-${var.location_map[var.location]}-${var.application}")
-    monitor_action_group_name           = lower("AG-${var.env}-${var.location_map[var.location]}-${var.application}")
+    monitor-action-group                = lower("AG-${var.env}-${var.location_map[var.location]}-${var.application}")
     network-interface                   = upper("${var.env}-${var.location_map[var.location]}-${var.application}")
     network-security-group              = upper("NSG-${var.env}-${var.location_map[var.location]}-${var.application}")
     postgres-sql-server                 = lower("postgres-${var.application}-${var.env}-${var.location_map[var.location]}")