alarms to terraform

Author: devksingh4

cloudformation/alerting.yml

@@ -1,22 +1,8 @@
 AWSTemplateFormatVersion: '2010-09-09'
 Description: Stack Log Groups
 Transform: AWS::Serverless-2016-10-31
-Parameters:
-  LambdaFunctionName:
-    Type: String
-    AllowedPattern: ^[a-zA-Z0-9]+[a-zA-Z0-9-]+[a-zA-Z0-9]+$
-  LogRetentionDays:
-    Type: Number
+
 Resources:
-  AppApiLambdaLogGroup:
-    Type: AWS::Logs::LogGroup
-    DeletionPolicy: Retain
-    UpdateReplacePolicy: Retain
-    Properties:
-      LogGroupName:
-        Fn::Sub: /aws/lambda/${LambdaFunctionName}
-      RetentionInDays:
-        Ref: LogRetentionDays
   AppAuditLog:
     Type: "AWS::DynamoDB::Table"
     DeletionPolicy: "Retain"

cloudformation/logs.yml

@@ -6,14 +6,6 @@ Parameters:
   RunEnvironment:
     Type: String
     AllowedValues: ["dev", "prod"]
-  AlertSNSArn:
-    Description: SNS Queue to send general alarm alerts to (prod only)
-    Type: String
-    Default: arn:aws:sns:us-east-1:298118738376:infra-monitor-alerts
-  PriorityAlertSNSArn:
-    Description: SNS Queue to send priority alarm alerts to (prod only)
-    Type: String
-    Default: arn:aws:sns:us-east-1:298118738376:infra-core-api-priority-alerts
   ApplicationPrefix:
     Type: String
     Description: Application prefix, no ending dash
@@ -46,10 +38,8 @@ Conditions:
 Mappings:
   General:
     dev:
-      LogRetentionDays: 7
       SesDomain: "aws.qa.acmuiuc.org"
     prod:
-      LogRetentionDays: 90
       SesDomain: "acm.illinois.edu"
   ApiGwConfig:
     dev:
@@ -103,10 +93,6 @@ Resources:
     Type: AWS::Serverless::Application
     Properties:
       Location: ./logs.yml
-      Parameters:
-        LambdaFunctionName: !Sub ${ApplicationPrefix}-lambda
-        LogRetentionDays:
-          !FindInMap [General, !Ref RunEnvironment, LogRetentionDays]
 
   AppSQSQueues:
     Type: AWS::Serverless::Application
@@ -116,18 +102,6 @@ Resources:
         QueueName: !Sub ${ApplicationPrefix}-sqs
         MessageTimeout: !Ref SqsMessageTimeout
 
-  AppAlarms:
-    Condition: IsProd
-    Type: AWS::Serverless::Application
-    Properties:
-      Location: ./alerting.yml
-      Parameters:
-        AlertSNSArn: !Ref AlertSNSArn
-        PriorityAlertSNSArn: !Ref PriorityAlertSNSArn
-        ApplicationPrefix: !Ref ApplicationPrefix
-        ApplicationFriendlyName: !Ref ApplicationFriendlyName
-        MainCloudfrontDistributionId: !GetAtt AppFrontendCloudfrontDistribution.Id
-
   LinkryRecordSetv4:
     Condition: IsDev
     Type: AWS::Route53::RecordSet

cloudformation/main.yml

@@ -18,11 +18,15 @@ provider "aws" {
   }
 }
 
-import {
-  to = aws_cloudwatch_log_group.main_app_logs
-  id = "/aws/lambda/${var.ProjectId}-lambda"
-}
 resource "aws_cloudwatch_log_group" "main_app_logs" {
   name              = "/aws/lambda/${var.ProjectId}-lambda"
   retention_in_days = var.LogRetentionDays
 }
+
+module "app_alarms" {
+  source                          = "../../modules/alarms"
+  main_cloudfront_distribution_id = var.main_cloudfront_distribution_id
+  resource_prefix                 = var.ProjectId
+  priority_sns_arn                = var.GeneralSNSAlertArn
+  standard_sns_arn                = var.PrioritySNSAlertArn
+}

terraform/envs/prod/main.tf

@@ -8,3 +8,17 @@ variable "ProjectId" {
   default = "infra-core-api"
 }
 
+variable "main_cloudfront_distribution_id" {
+  type        = string
+  description = "(temporary) ID for the cloudfront distribution that serves the main application"
+}
+
+variable "GeneralSNSAlertArn" {
+  type    = string
+  default = "arn:aws:sns:us-east-1:298118738376:infra-monitor-alerts"
+}
+
+variable "PrioritySNSAlertArn" {
+  type    = string
+  default = "arn:aws:sns:us-east-1:298118738376:infra-core-api-priority-alerts"
+}

terraform/envs/prod/variables.tf

@@ -0,0 +1,107 @@
+provider "aws" {
+}
+
+resource "aws_cloudwatch_metric_alarm" "app_dlq_messages_alarm" {
+  alarm_name          = "${var.resource_prefix}-sqs-dlq-present"
+  alarm_description   = "Items are present in the application DLQ, meaning some messages failed to process."
+  namespace           = "AWS/SQS"
+  metric_name         = "ApproximateNumberOfMessagesVisible"
+  statistic           = "Maximum"
+  period              = 60
+  evaluation_periods  = 1
+  comparison_operator = "GreaterThanThreshold"
+  threshold           = 0
+  dimensions = [
+    {
+      Name  = "QueueName"
+      Value = "${var.resource_prefix}-sqs-dlq"
+    }
+  ]
+  alarm_actions = [
+    var.priority_sns_arn
+  ]
+}
+
+resource "aws_cloudwatch_metric_alarm" "app_latency_alarm" {
+  alarm_name          = "${var.resource_prefix}-latency-high"
+  alarm_description   = "Trailing Mean - 95% API gateway latency is > 1.25s for 2 times in 4 minutes."
+  namespace           = "AWS/Lambda"
+  metric_name         = "UrlRequestLatency"
+  extended_statistic  = "tm95"
+  period              = "120"
+  evaluation_periods  = "2"
+  comparison_operator = "GreaterThanThreshold"
+  threshold           = "1250"
+  alarm_actions = [
+    var.standard_sns_arn
+  ]
+  dimensions = [
+    {
+      Name  = "FunctionName"
+      Value = "${var.resource_prefix}-lambda"
+    }
+  ]
+}
+
+resource "aws_cloudwatch_metric_alarm" "app_no_requests_alarm" {
+  alarm_name          = "${var.resource_prefix}-no-requests"
+  alarm_description   = "No requests have been received in the past 5 minutes."
+  namespace           = "AWS/Lambda"
+  metric_name         = "UrlRequestCount"
+  statistic           = "Sum"
+  period              = "300"
+  evaluation_periods  = "1"
+  comparison_operator = "LessThanThreshold"
+  threshold           = "1"
+  alarm_actions = [
+    var.priority_sns_arn
+  ]
+  dimensions = [
+    {
+      Name  = "FunctionName"
+      Value = "${var.resource_prefix}-lambda"
+    }
+  ]
+}
+
+resource "aws_cloudwatch_metric_alarm" "app_invocation_error_alarm" {
+  alarm_name          = "${var.resource_prefix}-error-invocation"
+  alarm_description   = "Lambda threw an error, meaning the init of the application itself has encountered an error"
+  namespace           = "AWS/Lambda"
+  metric_name         = "Errors"
+  statistic           = "Sum"
+  period              = "300"
+  evaluation_periods  = "1"
+  comparison_operator = "GreaterThanThreshold"
+  threshold           = "1"
+  alarm_actions = [
+    var.priority_sns_arn
+  ]
+  dimensions = [
+    {
+      Name  = "FunctionName"
+      Value = "${var.resource_prefix}-lambda"
+    }
+  ]
+}
+
+resource "aws_cloudwatch_metric_alarm" "app5xx_error_alarm" {
+  alarm_name          = "${var.resource_prefix}-cloudfront-5xx-error"
+  alarm_description   = "Main application responses are more than 1% 5xx errors (from Cloudfront)"
+  namespace           = "AWS/CloudFront"
+  metric_name         = "5xxErrorRate"
+  statistic           = "Average"
+  period              = "300"
+  evaluation_periods  = "1"
+  comparison_operator = "GreaterThanThreshold"
+  threshold           = "1"
+  alarm_actions = [
+    var.priority_sns_arn
+  ]
+  dimensions = [
+    {
+      Name  = "DistributionId"
+      Value = var.main_cloudfront_distribution_id
+    }
+  ]
+}

terraform/modules/alarms/main.tf

@@ -0,0 +1,19 @@
+variable "resource_prefix" {
+  type        = string
+  description = "Prefix before each resource"
+}
+
+variable "priority_sns_arn" {
+  type        = string
+  description = "Priority SNS alerts ARN"
+}
+
+variable "standard_sns_arn" {
+  type        = string
+  description = "Standard SNS alerts ARN"
+}
+
+variable "main_cloudfront_distribution_id" {
+  type        = string
+  description = "ID for the cloudfront distribution that serves the main application"
+}