Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork205
Terraform module to create AWS Cloudwatch resources 🇺🇦
License
NotificationsYou must be signed in to change notification settings
terraform-aws-modules/terraform-aws-cloudwatch
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Terraform module which creates Cloudwatch resources on AWS.
module"log_metric_filter" {source="terraform-aws-modules/cloudwatch/aws//modules/log-metric-filter"version="~> 3.0"log_group_name="my-application-logs"name="error-metric"pattern="ERROR"metric_transformation_namespace="MyApplication"metric_transformation_name="ErrorCount"}
ReadFilter and Pattern Syntax for explanation ofpattern.
module"log_group" {source="terraform-aws-modules/cloudwatch/aws//modules/log-group"version="~> 3.0"name="my-app"retention_in_days=120}
module"log_stream" {source="terraform-aws-modules/cloudwatch/aws//modules/log-stream"version="~> 3.0"name="stream1"log_group_name="my-app"}
module"metric_alarm" {source="terraform-aws-modules/cloudwatch/aws//modules/metric-alarm"version="~> 3.0"alarm_name="my-application-logs-errors"alarm_description="Bad errors in my-application-logs"comparison_operator="GreaterThanOrEqualToThreshold"evaluation_periods=1threshold=10period=60unit="Count"namespace="MyApplication"metric_name="ErrorCount"statistic="Maximum"alarm_actions=["arn:aws:sns:eu-west-1:835367859852:my-sns-queue"]}
This submodule is useful when you need to create very similar alarms where only dimensions are different (eg, multiple AWS Lambda functions), but the rest of arguments are the same.
module"metric_alarms" {source="terraform-aws-modules/cloudwatch/aws//modules/metric-alarms-by-multiple-dimensions"version="~> 3.0"alarm_name="lambda-duration-"alarm_description="Lambda duration is too high"comparison_operator="GreaterThanOrEqualToThreshold"evaluation_periods=1threshold=10period=60unit="Milliseconds"namespace="AWS/Lambda"metric_name="Duration"statistic="Maximum"dimensions={"lambda1"= { FunctionName="index" },"lambda2"= { FunctionName="signup" }, }alarm_actions=["arn:aws:sns:eu-west-1:835367859852:my-sns-queue"]}
Check outlist of all AWS services that publish CloudWatch metrics for detailed information about each supported service.
module"cis_alarms" {source="terraform-aws-modules/cloudwatch/aws//modules/cis-alarms"version="~> 3.0"log_group_name="my-cloudtrail-logs"alarm_actions=["arn:aws:sns:eu-west-1:835367859852:my-sns-queue"]}
AWS CloudTrail normally publishes logs into AWS CloudWatch Logs. This module creates log metric filters together with metric alarms according toCIS AWS Foundations Benchmark v1.4.0 (05-28-2021). Read more aboutCIS AWS Foundations Controls.
module"log_group_data_protection" {source="terraform-aws-modules/cloudwatch/aws//modules/log-data-protection-policy"version="~> 4.0"log_group_name="my-log-group"create_log_data_protection_policy=truelog_data_protection_policy_name="RedactAddress"data_identifiers=["arn:aws:dataprotection::aws:data-identifier/Address"]findings_destination_cloudwatch_log_group="audit-log-group"}
module"log_subscription_filter" {source="terraform-aws-modules/cloudwatch/aws//modules/log-subscription-filter"name="my-filter"destination_arn="arn:aws:firehose:eu-west-1:835367859852:deliverystream/cw-logs"filter_pattern="%test%"log_group_name="my-log-group"role_arn="arn:aws:iam::835367859852:role/cw-logs-to-firehose"}
module"metric_stream" {name="metric-stream"firehose_arn="arn:aws:firehose:eu-west-1:835367859852:deliverystream/metric-stream-example"output_format="json"role_arn="arn:aws:iam::835367859852:role/metric-stream-to-firehose-20240113005123755300000002"# conflicts with exclude_filterinclude_filter={ ec2= { namespace="AWS/EC2" metric_names= ["CPUUtilization","NetworkIn"] } }statistics_configuration=[ { additional_statistics= ["p99"] include_metric= [ { namespace="AWS/EC2" metric_name="CPUUtilization" }, { namespace="AWS/EC2" metric_name="NetworkIn" } ] }, { additional_statistics= ["p90","TM(10%:90%)"] include_metric= [ { namespace="AWS/EC2" metric_name="CPUUtilization" } ] } ]}
module"query_definition" {source="terraform-aws-modules/cloudwatch/aws//modules/query-definition"version="~> 4.0"name="my-query-definition"log_group_names=["my-log-group-name"]query_string=<<EOFfields @timestamp, @message| sort @timestamp desc| limit 25EOF}
module"composite_alarm" {source="terraform-aws-modules/cloudwatch/aws//modules/composite-alarm"version="~> 4.0"alarm_name="composite-alarm"alarm_description="Example of a composite alarm"alarm_actions=["arn:aws:sns:eu-west-1:835367859852:my-sns-topic"]ok_actions=["arn:aws:sns:eu-west-1:835367859852:my-sns-topic"]alarm_rule=join(" AND",tolist(["ALARM(metric-alarm-1)","ALARM(metric-alarm-2)" ]))actions_suppressor={ alarm="suppressor" extension_period=20 wait_period=10 }}
module"log_account_policy" {source="terraform-aws-modules/cloudwatch/aws//modules/log-account-policy"version="~> 4.0"log_account_policy_name="account-data-protection"log_account_policy_type="DATA_PROTECTION_POLICY"create_log_data_protection_policy=truelog_data_protection_policy_name="redact-addresses"data_identifiers=["arn:aws:dataprotection::aws:data-identifier/Address"]findings_destination_cloudwatch_log_group="my-cloudwatch-audit-log-group"}
module"log_anomaly_detector" {source="terraform-aws-modules/cloudwatch/aws//modules/log-anomaly-detector"version="~> 4.0"detector_name="anomaly-detector"log_group_arns=["arn:aws:logs:eu-west-1:835367859852:log-group:my-log-group"]anomaly_visibility_time=7enabled=trueevaluation_frequency="FIVE_MIN"filter_pattern="%test%"kms_key_id="arn:aws:kms:eu-west-1:835367859852:key/9051f3e7-17b8-4543-8070-50e22599966"}
- Complete Cloudwatch log metric filter and alarm
- Cloudwatch log group with log stream
- Cloudwatch metric alarms for AWS Lambda
- Cloudwatch metric alarms for AWS Lambda with multiple dimensions
- CIS AWS Foundations Controls: Metrics + Alarms
- Cloudwatch query definition
- Cloudwatch Metric Stream
- Cloudwatch Composite Alarm
- Cloudwatch log subscription filter
- Cloudwatch log data protection policy
- Cloudwatch Log Account Policy
- Cloudwatch Log Anomaly Detector
Module is maintained byAnton Babenko with help fromthese awesome contributors.
Apache 2 Licensed. SeeLICENSE for full details.
About
Terraform module to create AWS Cloudwatch resources 🇺🇦
Topics
Resources
License
Code of conduct
Contributing
Security policy
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Sponsor this project
Uh oh!
There was an error while loading.Please reload this page.
Packages0
No packages published
Uh oh!
There was an error while loading.Please reload this page.