Improved cloud-watch alarm naming via suffix #18
Comments
|
This still relevant? how were you thinking of doing it? |
|
Hey guys, how about something like this https://github.com/binbashar/terraform-aws-guardduty-monitor/blob/master/modules/monitor/src/index.js#L39 which adds 2 optional fields to the notification? In this case it could be just one extra field: Account Id, which is already present in the CloudWatch event. Just an idea though. |
|
@dotCipher Thanks for reviewing this feature request issue. We've actually added a suffix to the variable "alarm_suffix" {
default = ""
description = "Suffix to add to alarm name, used for separating different AWS account."
type = string
}resource "aws_cloudwatch_metric_alarm" "default" {
count = length(local.filter_pattern)
alarm_name = "${local.metric_name[count.index]}-alarm-${var.alarm_suffix}"
...
}But @diego-ojeda-binbash OJ solutions looks probably better. |
|
@exequielrafaela I could see the use of the alarm_suffix as you've outlined it since these names fall outside of the terraform-null-label pattern. Ya'll should put up a PR and we'll check it out in more detail. |
|
@Gowiem Thanks for your quick response and feedback here, we appreciate it. We'll work this out along with @diego-ojeda-binbash in order to put a related PR (probably during next week). We've done some other updates to this module, which are pretty useful for our use cases, we'll probably add them too in order to get your review. |
|
Thanks! Looking forward to it! |
|
@dotCipher We'll finally move forward with this issue. @lgallard from our team will be contributing in this case. |
|
@Gowiem @dotCipher I'm proceeding to close this issue based on the discussion and PR (#35) we've had with @nitrocode and @lgallard. Basically we could implement it and get the same results using the latest module version without any changes. Thanks for collaboration and time. |
Enhancement:
Having the possibility to optionally add a suffix to the cloudwatch alarm names eg:
AWS CloudWatch notification - ConsoleSignInWithoutMfaCount-alarmby using a variable would be very useful in order to identify from which AWS Account we're receiving the alarm.Every AWS Organization Account Alarm (different sources): AWS Account A, AWS Account B, ..., Account N result in the exact same alarm in our Slack Channel
Possible Solution:
We've address the same issue in a similar module that will show some more info:
trussworks/terraform-aws-root-login-notifications#5
Not sure if I'm missing something here. Hope you find this enhancement to be functional for a Multi-Account AWS Organization configuration as we do.
Thanks in advance!
CC: @diego-ojeda-binbash @mpagnucco @AlfredoPardo @gdmlnx
The text was updated successfully, but these errors were encountered: