From 16c6f735e4bb5ac70585fddd654462768066df0d Mon Sep 17 00:00:00 2001
From: Sarkis Varozian <42673+sarkis@users.noreply.github.com>
Date: Mon, 2 Jul 2018 18:17:48 -0700
Subject: [PATCH] Remove SNS Topic creation functionality (#3)
* Remove create sns topic functionality
---
 README.md | 11 +------
 alarms.tf | 8 ++---
 docs/terraform.md | 11 +------
 main.tf | 78 +----------------------------------------------
 outputs.tf | 8 -----
 variables.tf | 17 ++---------
 6 files changed, 9 insertions(+), 124 deletions(-)
diff --git a/README.md b/README.md
index 7fc1097..c464b0e 100644
--- a/README.md
+++ b/README.md
@@ -41,31 +41,22 @@ module "ecs_service_alarms" {
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| additional_notify_arns | Optional list of additional ARNs to notify on alarm and ok actions. | list | `` | no |
 | alarm_description | The string to format and use as the alarm description. | string | `Average service %v utilization over last %d minute(s) too high over %v period(s)` | no |
 | attributes | List of attributes to add to label. | list | `` | no |
 | cluster_name | The name of the ECS cluster to monitor. | string | - | yes |
 | cpu_utilization_threshold | The maximum percentage of CPU utilization average. | string | `80` | no |
-| create_sns_topic | Determines if a new sns topic will be generated. If set to false, the existing sns_topic_name variable must be set. | string | `true` | no |
 | delimiter | The delimiter to be used in labels. | string | `-` | no |
 | enabled | Whether to create all resources | string | `true` | no |
 | evaluation_periods | Number of periods to evaluate for the alarm. | string | `1` | no |
 | memory_utilization_threshold | The maximum percentage of Memory utilization average. | string | `80` | no |
 | name | Name (unique identifier for app or service) | string | - | yes |
 | namespace | Namespace (e.g. `cp` or `cloudposse`) | string | - | yes |
+| notify_arns | A list of ARNs (i.e. SNS Topic ARN) to notify on alarm and ok actions. | list | - | yes |
 | period | Duration in seconds to evaluate for the alarm. | string | `300` | no |
 | service_name | The name of the ECS Service in the ECS cluster to monitor. | string | `` | no |
-| sns_topic_name | Name of existing SNS topic to use for alarm and ok actions, instead of generating a new one. | string | `` | no |
 | stage | Stage (e.g. `prod`, `dev`, `staging`) | string | - | yes |
 | tags | Map of key-value pairs to use for tags. 
| map | `` | no |
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| sns_topic_arn | The ARN of the SNS topic |
-| sns_topic_name | The name of the SNS topic |
-
diff --git a/alarms.tf b/alarms.tf
index 1bcb0b2..4e68fc2 100644
--- a/alarms.tf
+++ b/alarms.tf
@@ -43,8 +43,8 @@ resource "aws_cloudwatch_metric_alarm" "cpu_utilization_too_high" {
 statistic = "Average"
 threshold = "${local.thresholds["CPUUtilizationThreshold"]}"
 alarm_description = "${format(var.alarm_description, "CPU", var.period/60, var.evaluation_periods)}"
- alarm_actions = ["${local.sns_topic_arn}", "${var.additional_notify_arns}"]
- ok_actions = ["${local.sns_topic_arn}", "${var.additional_notify_arns}"]
+ alarm_actions = ["${var.notify_arns}"]
+ ok_actions = ["${var.notify_arns}"]
 dimensions = "${local.dimensions_map[var.service_name == "" ? "cluster" : "service"]}"
 }
@@ -60,8 +60,8 @@ resource "aws_cloudwatch_metric_alarm" "memory_utilization_too_high" {
 statistic = "Average"
 threshold = "${local.thresholds["MemoryUtilizationThreshold"]}"
 alarm_description = "${format(var.alarm_description, "Memory", var.period/60, var.evaluation_periods)}"
- alarm_actions = ["${local.sns_topic_arn}", "${var.additional_notify_arns}"]
- ok_actions = ["${local.sns_topic_arn}", "${var.additional_notify_arns}"]
+ alarm_actions = ["${var.notify_arns}"]
+ ok_actions = ["${var.notify_arns}"]
 dimensions = "${local.dimensions_map[var.service_name == "" ? "cluster" : "service"]}"
 }
diff --git a/docs/terraform.md b/docs/terraform.md
index adf812d..1a6db69 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
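Review bot: With `alarm_actions = ["${var.notify_arns}"]` and `ok_actions = ["${var.notify_arns}"]`, notification now depends entirely on what the caller passes, and nothing visible in this patch rejects an empty list, so `notify_arns = []` would leave the CPU alarm changing state without telling anyone. The same applies to the `memory_utilization_too_high` hunk that follows. The interpolation-only syntax suggests a Terraform version without variable validation, so I would at least add `# notify_arns must hold at least one ARN; an empty list leaves this alarm with no actions` above `alarm_actions` in both resources. Both resource bodies start above their hunks, so whether `insufficient_data_actions` covers the case where the service stops reporting metrics cannot be seen from here.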
@@ -3,28 +3,19 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| additional_notify_arns | Optional list of additional ARNs to notify on alarm and ok actions. | list | `` | no |
 | alarm_description | The string to format and use as the alarm description. | string | `Average service %v utilization over last %d minute(s) too high over %v period(s)` | no |
 | attributes | List of attributes to add to label. | list | `` | no |
 | cluster_name | The name of the ECS cluster to monitor. | string | - | yes |
 | cpu_utilization_threshold | The maximum percentage of CPU utilization average. | string | `80` | no |
-| create_sns_topic | Determines if a new sns topic will be generated. If set to false, the existing sns_topic_name variable must be set. | string | `true` | no |
 | delimiter | The delimiter to be used in labels. | string | `-` | no |
 | enabled | Whether to create all resources | string | `true` | no |
 | evaluation_periods | Number of periods to evaluate for the alarm. | string | `1` | no |
 | memory_utilization_threshold | The maximum percentage of Memory utilization average. | string | `80` | no |
 | name | Name (unique identifier for app or service) | string | - | yes |
 | namespace | Namespace (e.g. `cp` or `cloudposse`) | string | - | yes |
+| notify_arns | A list of ARNs (i.e. SNS Topic ARN) to notify on alarm and ok actions. | list | - | yes |
 | period | Duration in seconds to evaluate for the alarm. | string | `300` | no |
 | service_name | The name of the ECS Service in the ECS cluster to monitor. | string | `` | no |
-| sns_topic_name | Name of existing SNS topic to use for alarm and ok actions, instead of generating a new one. | string | `` | no |
 | stage | Stage (e.g. `prod`, `dev`, `staging`) | string | - | yes |
 | tags | Map of key-value pairs to use for tags. 
| map | `` | no |
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| sns_topic_arn | The ARN of the SNS topic |
-| sns_topic_name | The name of the SNS topic |
-
diff --git a/main.tf b/main.tf
index 3bdae9e..7f8d372 100644
--- a/main.tf
+++ b/main.tf
@@ -1,81 +1,5 @@
 data "aws_caller_identity" "default" {}
-module "sns_topic_label" {
- source = "git::https://github.com/cloudposse/terraform-terraform-label.git?ref=tags/0.1.3"
- name = "${var.name}"
- namespace = "${var.namespace}"
- stage = "${var.stage}"
- attributes = "${compact(concat(var.attributes, list("alarms")))}"
-}
-
-locals {
- enabled = "${var.enabled == "true" ? 1 : 0}"
- create_sns_topic = "${var.create_sns_topic == "true" ? 1 : 0}"
-}
-
-data "aws_sns_topic" "default" {
- count = "${(1 - local.create_sns_topic) * local.enabled}"
- name = "${var.sns_topic_name}"
-}
-
-# Create an SNS topic if one is not passed
-resource "aws_sns_topic" "default" {
- count = "${local.enabled * local.create_sns_topic}"
- name_prefix = "${module.sns_topic_label.id}"
-}
-
 locals {
- sns_topic_arn = "${element(compact(concat(aws_sns_topic.default.*.arn, data.aws_sns_topic.default.*.arn, list(""))), 0)}"
-}
-
-resource "aws_sns_topic_policy" "default" {
- count = "${local.enabled * local.create_sns_topic}"
- arn = "${local.sns_topic_arn}"
- policy = "${data.aws_iam_policy_document.sns_topic_policy.json}"
-}
-
-data "aws_iam_policy_document" "sns_topic_policy" {
- count = "${local.enabled * local.create_sns_topic}"
-
- statement {
- actions = [
- "SNS:Subscribe",
- "SNS:SetTopicAttributes",
- "SNS:RemovePermission",
- "SNS:Receive",
- "SNS:Publish",
- "SNS:ListSubscriptionsByTopic",
- "SNS:GetTopicAttributes",
- "SNS:DeleteTopic",
- "SNS:AddPermission",
- ]
-
- effect = "Allow"
- resources = ["${local.sns_topic_arn}"]
-
- principals {
- type = "AWS"
- identifiers = ["*"]
- }
-
- condition {
- test = "StringEquals"
- variable = "AWS:SourceOwner"
-
- values = [
- "${data.aws_caller_identity.default.account_id}",
- ]
- }
- }
-
- statement {
- sid = "Allow CloudwatchEvents"
- actions = ["sns:Publish"]
- resources = ["${local.sns_topic_arn}"]
-
- principals {
- type = "Service"
- identifiers = ["events.amazonaws.com"]
- }
- }
+ enabled = "${var.enabled == "true" ? 1 : 0}"
 }
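Review bot: `data "aws_caller_identity" "default" {}` survives as context at the top of main.tf, but its only visible consumer was `${data.aws_caller_identity.default.account_id}` in the removed `sns_topic_policy` document. If nothing else in the module reads it (alarms.tf is only partly visible in this patch), it is now a dead data source that still makes an STS call on every plan, and I would delete that line in this commit. If it is kept on purpose, a one-line comment naming its remaining consumer would make that clear.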
diff --git a/outputs.tf b/outputs.tf
index 928d36c..8b13789 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,9 +1 @@
-output "sns_topic_arn" {
- description = "The ARN of the SNS topic"
- value = "${join("", aws_sns_topic.default.*.arn)}"
-}
-output "sns_topic_name" {
- description = "The name of the SNS topic"
- value = "${join("", aws_sns_topic.default.*.name)}"
-}
diff --git a/variables.tf b/variables.tf
index a264355..4b3401c 100644
--- a/variables.tf
+++ b/variables.tf
@@ -37,22 +37,9 @@ variable "enabled" {
 default = "true"
 }
-variable "create_sns_topic" {
- type = "string"
- description = "Determines if a new sns topic will be generated. If set to false, the existing sns_topic_name variable must be set."
- default = "true"
-}
-
-variable "sns_topic_name" {
- type = "string"
- description = "Name of existing SNS topic to use for alarm and ok actions, instead of generating a new one."
- default = ""
-}
-
-variable "additional_notify_arns" {
+variable "notify_arns" {
 type = "list"
- description = "Optional list of additional ARNs to notify on alarm and ok actions."
- default = []
+ description = "A list of ARNs (i.e. SNS Topic ARN) to notify on alarm and ok actions."
 }
 variable "cluster_name" {
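Review bot: The `notify_arns` description in variables.tf does not tell callers that access control on the target is now their responsibility: the `aws_sns_topic_policy` this module used to attach is removed in main.tf, and a topic whose policy (or KMS key policy, if the topic is encrypted) does not let CloudWatch alarms publish will lose notifications without any Terraform error. I would change it to `description = "A list of ARNs (e.g. SNS topic ARNs) to notify on alarm and ok actions. Each target must already allow CloudWatch alarms from this account to publish to it."`, which also corrects `i.e.` to `e.g.`. The variable has no `default`, so it is required, while `create_sns_topic`, `sns_topic_name` and `additional_notify_arns` are gone; existing callers will fail on upgrade, which deserves a line in the release notes.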