https://github.com/stefanfreitag/terraform-aws-msk-status-monitor
Monitors the status of all MSK cluster in an AWS account and sends out notifications when a cluster is not in the ACTIVE state.
https://github.com/stefanfreitag/terraform-aws-msk-status-monitor
aws monitor msk status terraform
Last synced: 3 months ago
JSON representation
Monitors the status of all MSK cluster in an AWS account and sends out notifications when a cluster is not in the ACTIVE state.
- Host: GitHub
- URL: https://github.com/stefanfreitag/terraform-aws-msk-status-monitor
- Owner: stefanfreitag
- License: apache-2.0
- Created: 2023-10-15T15:02:17.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-07-22T13:32:51.000Z (11 months ago)
- Last Synced: 2025-03-10T23:28:23.620Z (3 months ago)
- Topics: aws, monitor, msk, status, terraform
- Language: HCL
- Homepage:
- Size: 45.9 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
# terraform-aws-msk-health
[](https://releases.hashicorp.com/terraform/)
[](https://opensource.org/licenses/Apache-2.0)
This module deploys a Lambda function that checks the health of MSK cluster and sends a notification if a cluster is unhealthy.
If the target for `ok_actions`, `alarm_actions` or `insufficient_data_actions` is an SNS topic using a KMS key, ensure
that CloudWatch Alarms has sufficient permissions to publish messages.
For example:
```shell
statement {
sid = "Allow access for CloudWatch Alarms"
effect = "Allow"
principals {
type = "Service"
identifiers = ["cloudwatch.amazonaws.com"]
}
actions = [
"kms:Decrypt",
"kms:GenerateDataKey"
]
resources = ["*"]
}
```
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
| [archive](#requirement\_archive) | >=2.4.0 |
| [aws](#requirement\_aws) | >= 5.32 |
| [random](#requirement\_random) | >=3.5.1 |
## Providers
| Name | Version |
|------|---------|
| [archive](#provider\_archive) | >=2.4.0 |
| [aws](#provider\_aws) | >= 5.32 |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [aws_cloudwatch_event_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |
| [aws_cloudwatch_event_target.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |
| [aws_cloudwatch_log_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
| [aws_cloudwatch_metric_alarm.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
| [aws_iam_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_lambda_function.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
| [aws_lambda_permission.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
| [aws_sns_topic.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |
| [aws_sns_topic_subscription.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource |
| [archive_file.status_checker_code](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [alarm\_actions](#input\_alarm\_actions) | The list of actions to execute when this alarm transitions into an ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). Default is `null`. | `list(string)` | `null` | no |
| [cloudwatch\_alarms\_treat\_missing\_data](#input\_cloudwatch\_alarms\_treat\_missing\_data) | Sets how the alarms handle missing data points. The following values are supported: `missing`, `ignore`, `breaching` and `notBreaching`. Default is `breaching`. | `string` | `"breaching"` | no |
| [cluster\_arns](#input\_cluster\_arns) | List of MSK cluster ARNs. Default is `[]`. | `list(string)` | `[]` | no |
| [email](#input\_email) | List of e-mail addresses subscribing to the SNS topic. Default is `[]`. | `list(string)` | `[]` | no |
| [enable\_cloudwatch\_alarms](#input\_enable\_cloudwatch\_alarms) | Setup CloudWatch alarms for the MSK clusters state. For each state a separate alarm will be created. Default is `false`. | `bool` | `false` | no |
| [enable\_sns\_notifications](#input\_enable\_sns\_notifications) | Setup SNS notifications for the MSK clusters state. Default is `false`. | `bool` | `false` | no |
| [ignore\_states](#input\_ignore\_states) | Suppress warnings for the listed MSK states. Default: ['MAINTENANCE'] | `list(string)` |
[
"MAINTENANCE"
]
| no |
| [insufficient\_data\_actions](#input\_insufficient\_data\_actions) | The list of actions to execute when this alarm transitions into an INSUFFICIENT\_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). Default is `null`. | `list(string)` | `null` | no |
| [log\_retion\_period\_in\_days](#input\_log\_retion\_period\_in\_days) | Number of days logs will be retained. Default is `365`. | `number` | `365` | no |
| [memory\_size](#input\_memory\_size) | Amount of memory in MByte that the Lambda function can use at runtime. Default is `160`. | `number` | `160` | no |
| [name](#input\_name) | Name of the health monitor. Default is `msk_status_monitor`. | `string` | `"msk_status_monitor"` | no |
| [ok\_actions](#input\_ok\_actions) | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). | `list(string)` | `null` | no |
| [schedule\_expression](#input\_schedule\_expression) | The schedule expression for the CloudWatch event rule. Default is `rate(5 minutes)`. | `string` | `"rate(5 minutes)"` | no |
| [tags](#input\_tags) | A map of tags to add to all resources. Default is `{}`. | `map(string)` | `{}` | no |
## Outputs
| Name | Description |
|------|-------------|
| [cloudwatch\_metric\_alarm\_arns](#output\_cloudwatch\_metric\_alarm\_arns) | A map consisting of MSK cluster names and their CloudWatch metric alarm ARNs. |
| [role\_arn](#output\_role\_arn) | The ARN of the IAM role. |
| [sns\_topic\_arn](#output\_sns\_topic\_arn) | The ARN of the SNS topic. |