Is there a way to execute an EC2 Action with a CloudWatch Alarm in Terraform?
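Following this guide:
https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html
I created alarms to alert me on StatusCheckFailed_System events. An EC2 action can be set up through the UI so that some action is performed on the instance when it is in the alarm state. In this case, if I get an alarm on StatusCheckFailed_System, I want to reboot the system. Is this possible in Terraform? I have a piece of my TF code for reference. I have a set of Windows Server 2016/2019 instances, and I am using Terraform 4.x.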
locals {
  all_ec2s = toset(data.aws_instances.all_ec2.ids)
  all_ebs  = toset(data.aws_ebs_volumes.all_volumes.ids)
}

# EC2 System failures
resource "aws_cloudwatch_metric_alarm" "system_failure" {
  for_each                  = local.all_ec2s
  alarm_name                = "${data.aws_instance.each_ec2[each.key].tags["Name"]} - EC2 System failures"
  alarm_description         = "Systems that have failed the EC2 Status check."
  comparison_operator       = "GreaterThanOrEqualToThreshold"
  threshold                 = var.cloudwatch_ec2_system_failure_evaluation_threshold
  period                    = var.cloudwatch_ec2_system_failure_alarm_period
  evaluation_periods        = var.cloudwatch_ec2_system_failure_evaluation_periods
  metric_name               = "StatusCheckFailed_System"
  namespace                 = "AWS/EC2"
  statistic                 = "Maximum"
  alarm_actions             = [aws_sns_topic.cloudwatch_alerts_topic.arn]
  insufficient_data_actions = [aws_sns_topic.cloudwatch_alerts_topic.arn]
  ok_actions                = [aws_sns_topic.cloudwatch_alerts_topic.arn]
  dimensions                = { InstanceId = each.key }
}
Yes, it is possible, it's just not well documented. You simply pass a specific ARN as one of the alarm actions, like so:
alarm_actions = [
  aws_sns_topic.cloudwatch_alerts_topic.arn,
  "arn:aws:automate:${data.aws_region.current.name}:ec2:reboot"
]
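A complete configuration built around the answer above, as an added example that is not code from the original question or answer. The variable ec2_alarm_action, the topic name, the partition lookup and the threshold, period and evaluation values are assumptions; the action list is the set of EC2 alarm actions CloudWatch documents.

```hcl
# Added example (not from the original post). Values marked "constructed" are placeholders.
data "aws_region" "current" {}    # supplies the region segment used in the answer's ARN
data "aws_partition" "current" {} # "aws", "aws-cn" or "aws-us-gov"

data "aws_instances" "all_ec2" {
  instance_state_names = ["running"]
}

resource "aws_sns_topic" "cloudwatch_alerts_topic" {
  name = "cloudwatch-alerts" # constructed name
}

# Hypothetical variable: restricts the alarm to the EC2 actions CloudWatch supports.
variable "ec2_alarm_action" {
  type    = string
  default = "reboot"

  validation {
    condition     = contains(["reboot", "recover", "stop", "terminate"], var.ec2_alarm_action)
    error_message = "ec2_alarm_action must be one of: reboot, recover, stop, terminate."
  }
}

locals {
  ec2_action_arn = "arn:${data.aws_partition.current.partition}:automate:${data.aws_region.current.name}:ec2:${var.ec2_alarm_action}"
}

resource "aws_cloudwatch_metric_alarm" "system_failure" {
  for_each            = toset(data.aws_instances.all_ec2.ids)
  alarm_name          = "${each.key} - EC2 System failures"
  alarm_description   = "Systems that have failed the EC2 Status check."
  namespace           = "AWS/EC2"
  metric_name         = "StatusCheckFailed_System"
  statistic           = "Maximum"
  comparison_operator = "GreaterThanOrEqualToThreshold"
  threshold           = 1  # constructed
  period              = 60 # constructed
  evaluation_periods  = 2  # constructed
  dimensions          = { InstanceId = each.key }

  # The EC2 action belongs only in alarm_actions: listing it under ok_actions or
  # insufficient_data_actions would also run it on those state transitions.
  alarm_actions             = [aws_sns_topic.cloudwatch_alerts_topic.arn, local.ec2_action_arn]
  ok_actions                = [aws_sns_topic.cloudwatch_alerts_topic.arn]
  insufficient_data_actions = [aws_sns_topic.cloudwatch_alerts_topic.arn]
}
```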