Skip to content

Latest commit

 

History

History

cloudwatch-alerts-to-slack

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

README.md

CloudWatch alerts to Slack

Configuration in this directory creates a VPC, an SNS topic that sends messages to a Slack channel with Slack webhook URL encrypted using KMS and a CloudWatch Alarm that monitors the duration of lambda execution.

KMS keys

There are 3 ways to define KMS key which should be used by Lambda function:

  1. Create aws_kms_key resource and put ARN of it as kms_key_arn argument to this module
  2. Use aws_kms_alias data-source to get an existing KMS key alias and put ARN of it as kms_key_arn argument to this module
  3. Hard-code the ARN of KMS key

Option 1:

resource "aws_kms_key" "this" {
  description = "KMS key for notify-slack test"
}

resource "aws_kms_alias" "this" {
  name          = "alias/kms-test-key"
  target_key_id = aws_kms_key.this.id
}

// kms_key_arn = aws_kms_key.this.arn

Option 2:

data "aws_kms_alias" "this" {
 name = "alias/kms-test-key"
}

// kms_key_arn = data.aws_kms_alias.this.target_key_arn

Option 3:

// kms_key_arn = "arn:aws:kms:eu-west-1:835367859851:key/054b4846-95fe-4537-94f2-1dfd255238cf"

Usage

To run this example you need to execute:

$ terraform init
$ terraform plan
$ terraform apply

Note that in practice, encryption of the Slack webhook URL should happen differently (outside of this module).

Note that this example may create resources which can cost money. Run terraform destroy when you don't need these resources.

Requirements

Name Version
terraform >= 1.0
aws >= 4.8
random >= 2.0

Providers

Name Version
aws >= 4.8
random >= 2.0

Modules

Name Source Version
notify_slack ../../ n/a
vpc terraform-aws-modules/vpc/aws n/a

Resources

Name Type
aws_cloudwatch_metric_alarm.lambda_duration resource
aws_kms_ciphertext.slack_url resource
aws_kms_key.this resource
random_pet.this resource

Inputs

No inputs.

Outputs

Name Description
lambda_iam_role_arn The ARN of the IAM role used by Lambda function
lambda_iam_role_name The name of the IAM role used by Lambda function
notify_slack_lambda_function_arn The ARN of the Lambda function
notify_slack_lambda_function_invoke_arn The ARN to be used for invoking Lambda function from API Gateway
notify_slack_lambda_function_last_modified The date Lambda function was last modified
notify_slack_lambda_function_name The name of the Lambda function
notify_slack_lambda_function_version Latest published version of your Lambda function
sns_topic_arn The ARN of the SNS topic from which messages will be sent to Slack