From ec1bf3807fc04ba6d2bfd329c7e92e905da90fb9 Mon Sep 17 00:00:00 2001 From: W Date: Mon, 27 Nov 2023 17:02:15 +0000 Subject: [PATCH 1/3] monitoring oasys monitoring oasys --- terraform/environments/oasys/locals.tf | 52 +++++++++++++++++-- .../environments/oasys/locals_development.tf | 21 ++++++++ .../oasys/locals_preproduction.tf | 21 ++++++++ .../environments/oasys/locals_production.tf | 21 ++++++++ terraform/environments/oasys/locals_test.tf | 21 ++++++++ terraform/environments/oasys/main.tf | 16 +++++- 6 files changed, 147 insertions(+), 5 deletions(-) diff --git a/terraform/environments/oasys/locals.tf b/terraform/environments/oasys/locals.tf index 5e0d6dd4798..03f4d5d315a 100644 --- a/terraform/environments/oasys/locals.tf +++ b/terraform/environments/oasys/locals.tf @@ -27,9 +27,14 @@ locals { region = "eu-west-2" availability_zone = "eu-west-2a" - ### + ###### ### env independent webserver vars + ###### + ### + # web + ### + webserver_a = { config = merge(module.baseline_presets.ec2_instance.config.default, { ami_name = "oasys_webserver_release_2023-07-02*" @@ -41,7 +46,11 @@ locals { monitoring = true vpc_security_group_ids = ["private_web"] }) - cloudwatch_metric_alarms = {} + cloudwatch_metric_alarms = merge( + module.baseline_presets.cloudwatch_metric_alarms.ec2, + module.baseline_presets.cloudwatch_metric_alarms.ec2_cwagent_linux, + module.baseline_presets.cloudwatch_metric_alarms.ec2_instance_cwagent_collectd_service_status, + ) user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags autoscaling_schedules = { "scale_up" = { @@ -98,6 +107,10 @@ locals { } } + ### + # db + ### + database_a = { config = merge(module.baseline_presets.ec2_instance.config.db, { ami_name = "oasys_oracle_db_release_2023-06-26T10-16-03.670Z" @@ -113,6 +126,24 @@ locals { backup-plan = "daily-and-weekly" } }) + cloudwatch_metric_alarms = merge( + module.baseline_presets.cloudwatch_metric_alarms.ec2, + module.baseline_presets.cloudwatch_metric_alarms.ec2_cwagent_linux, + module.baseline_presets.cloudwatch_metric_alarms.ec2_instance_cwagent_collectd_service_status, + { + cpu-utilization-high = { + comparison_operator = "GreaterThanOrEqualToThreshold" + evaluation_periods = "120" + datapoints_to_alarm = "120" + metric_name = "CPUUtilization" + namespace = "AWS/EC2" + period = "60" + statistic = "Maximum" + threshold = "95" + alarm_description = "Triggers if the average cpu remains at 95% utilization or above for 2 hours on an oasys-db instance" + alarm_actions = ["dso_pagerduty"] + } + }) autoscaling_schedules = {} autoscaling_group = module.baseline_presets.ec2_autoscaling_group.default user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags @@ -208,6 +239,9 @@ locals { }) }) + ### + # bip + ### bip_a = { config = merge(module.baseline_presets.ec2_instance.config.default, { @@ -223,7 +257,11 @@ locals { backup-plan = "daily-and-weekly" } }) - cloudwatch_metric_alarms = {} + cloudwatch_metric_alarms = merge( + module.baseline_presets.cloudwatch_metric_alarms.ec2, + module.baseline_presets.cloudwatch_metric_alarms.ec2_cwagent_linux, + module.baseline_presets.cloudwatch_metric_alarms.ec2_instance_cwagent_collectd_service_status, + ) user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags autoscaling_schedules = module.baseline_presets.ec2_autoscaling_schedules.working_hours autoscaling_group = merge(module.baseline_presets.ec2_autoscaling_group.default, { @@ -252,7 +290,13 @@ locals { }) }) + ### + # other + ### + baseline_secretsmanager_secrets = {} + baseline_cloudwatch_log_groups = {} + public_key_data = jsondecode(file("./files/bastion_linux.json")) -} \ No newline at end of file +} diff --git a/terraform/environments/oasys/locals_development.tf b/terraform/environments/oasys/locals_development.tf index d6ea5c766ac..88da32b8cf1 100644 --- a/terraform/environments/oasys/locals_development.tf +++ b/terraform/environments/oasys/locals_development.tf @@ -163,5 +163,26 @@ locals { # ] # } } + + baseline_cloudwatch_log_groups = merge( + session-manager-logs = { + retention_in_days = 1 + } + cwagent-var-log-messages = { + retention_in_days = 1 + } + cwagent-var-log-secure = { + retention_in_days = 1 + } + cwagent-windows-system = { + retention_in_days = 1 + } + cwagent-oasys-autologoff = { + retention_in_days = 1 + } + cwagent-web-logs = { + retention_in_days = 1 + } + ) } } diff --git a/terraform/environments/oasys/locals_preproduction.tf b/terraform/environments/oasys/locals_preproduction.tf index b2ac3c150a3..bf6688dfa4c 100644 --- a/terraform/environments/oasys/locals_preproduction.tf +++ b/terraform/environments/oasys/locals_preproduction.tf @@ -125,6 +125,27 @@ locals { # } } + baseline_cloudwatch_log_groups = merge( + session-manager-logs = { + retention_in_days = 14 + } + cwagent-var-log-messages = { + retention_in_days = 14 + } + cwagent-var-log-secure = { + retention_in_days = 14 + } + cwagent-windows-system = { + retention_in_days = 14 + } + cwagent-oasys-autologoff = { + retention_in_days = 14 + } + cwagent-web-logs = { + retention_in_days = 14 + } + ) + } } diff --git a/terraform/environments/oasys/locals_production.tf b/terraform/environments/oasys/locals_production.tf index ea255c51e71..8ad651d1052 100644 --- a/terraform/environments/oasys/locals_production.tf +++ b/terraform/environments/oasys/locals_production.tf @@ -74,5 +74,26 @@ locals { # ] # } } + + baseline_cloudwatch_log_groups = merge( + session-manager-logs = { + retention_in_days = 400 + } + cwagent-var-log-messages = { + retention_in_days = 90 + } + cwagent-var-log-secure = { + retention_in_days = 400 + } + cwagent-windows-system = { + retention_in_days = 90 + } + cwagent-oasys-autologoff = { + retention_in_days = 400 + } + cwagent-web-logs = { + retention_in_days = 90 + } + ) } } diff --git a/terraform/environments/oasys/locals_test.tf b/terraform/environments/oasys/locals_test.tf index 314c11ea73c..8d4b52900cf 100644 --- a/terraform/environments/oasys/locals_test.tf +++ b/terraform/environments/oasys/locals_test.tf @@ -554,5 +554,26 @@ locals { ] } } + + baseline_cloudwatch_log_groups = merge( + session-manager-logs = { + retention_in_days = 7 + } + cwagent-var-log-messages = { + retention_in_days = 7 + } + cwagent-var-log-secure = { + retention_in_days = 7 + } + cwagent-windows-system = { + retention_in_days = 7 + } + cwagent-oasys-autologoff = { + retention_in_days = 7 + } + cwagent-web-logs = { + retention_in_days = 7 + } + ) } } diff --git a/terraform/environments/oasys/main.tf b/terraform/environments/oasys/main.tf index 28a781ee982..9ad7971a144 100644 --- a/terraform/environments/oasys/main.tf +++ b/terraform/environments/oasys/main.tf @@ -68,7 +68,21 @@ module "baseline" { lookup(local.environment_config, "baseline_acm_certificates", {}) ) - cloudwatch_log_groups = module.baseline_presets.cloudwatch_log_groups + cloudwatch_metric_alarms = merge( + local.baseline_cloudwatch_metric_alarms, + lookup(local.baseline_environment_config, "baseline_cloudwatch_metric_alarms", {}) + ) + + cloudwatch_log_metric_filters = merge( + local.baseline_cloudwatch_log_metric_filters, + lookup(local.baseline_environment_config, "baseline_cloudwatch_log_metric_filters", {}) + ) + + cloudwatch_log_groups = merge( + module.baseline_presets.cloudwatch_log_groups, + local.baseline_cloudwatch_log_groups, + lookup(local.baseline_environment_config, "baseline_cloudwatch_log_groups", {}) + ) ec2_autoscaling_groups = lookup(local.environment_config, "baseline_ec2_autoscaling_groups", {}) ec2_instances = lookup(local.environment_config, "baseline_ec2_instances", {}) environment = module.environment From 32d87956e90fff6875a34b46f13f56f5fd6aff4a Mon Sep 17 00:00:00 2001 From: W Date: Mon, 27 Nov 2023 17:06:06 +0000 Subject: [PATCH 2/3] .. --- terraform/environments/oasys/locals_development.tf | 4 ++-- terraform/environments/oasys/locals_preproduction.tf | 4 ++-- terraform/environments/oasys/locals_production.tf | 4 ++-- terraform/environments/oasys/locals_test.tf | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/terraform/environments/oasys/locals_development.tf b/terraform/environments/oasys/locals_development.tf index 88da32b8cf1..c550cb5dc01 100644 --- a/terraform/environments/oasys/locals_development.tf +++ b/terraform/environments/oasys/locals_development.tf @@ -164,7 +164,7 @@ locals { # } } - baseline_cloudwatch_log_groups = merge( + baseline_cloudwatch_log_groups = { session-manager-logs = { retention_in_days = 1 } @@ -183,6 +183,6 @@ locals { cwagent-web-logs = { retention_in_days = 1 } - ) + } } } diff --git a/terraform/environments/oasys/locals_preproduction.tf b/terraform/environments/oasys/locals_preproduction.tf index bf6688dfa4c..53f254ae290 100644 --- a/terraform/environments/oasys/locals_preproduction.tf +++ b/terraform/environments/oasys/locals_preproduction.tf @@ -125,7 +125,7 @@ locals { # } } - baseline_cloudwatch_log_groups = merge( + baseline_cloudwatch_log_groups = { session-manager-logs = { retention_in_days = 14 } @@ -144,7 +144,7 @@ locals { cwagent-web-logs = { retention_in_days = 14 } - ) + } } } diff --git a/terraform/environments/oasys/locals_production.tf b/terraform/environments/oasys/locals_production.tf index 8ad651d1052..0df11f39fd6 100644 --- a/terraform/environments/oasys/locals_production.tf +++ b/terraform/environments/oasys/locals_production.tf @@ -75,7 +75,7 @@ locals { # } } - baseline_cloudwatch_log_groups = merge( + baseline_cloudwatch_log_groups = { session-manager-logs = { retention_in_days = 400 } @@ -94,6 +94,6 @@ locals { cwagent-web-logs = { retention_in_days = 90 } - ) + } } } diff --git a/terraform/environments/oasys/locals_test.tf b/terraform/environments/oasys/locals_test.tf index 8d4b52900cf..a976fd2a714 100644 --- a/terraform/environments/oasys/locals_test.tf +++ b/terraform/environments/oasys/locals_test.tf @@ -555,7 +555,7 @@ locals { } } - baseline_cloudwatch_log_groups = merge( + baseline_cloudwatch_log_groups = { session-manager-logs = { retention_in_days = 7 } @@ -574,6 +574,6 @@ locals { cwagent-web-logs = { retention_in_days = 7 } - ) + } } } From 534f4f1a6d36b4c6ec9c78b69838c76d6cfe634d Mon Sep 17 00:00:00 2001 From: W Date: Mon, 27 Nov 2023 17:10:58 +0000 Subject: [PATCH 3/3] .. --- terraform/environments/oasys/locals.tf | 2 ++ terraform/environments/oasys/main.tf | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/terraform/environments/oasys/locals.tf b/terraform/environments/oasys/locals.tf index 03f4d5d315a..bdfaf7a0686 100644 --- a/terraform/environments/oasys/locals.tf +++ b/terraform/environments/oasys/locals.tf @@ -297,6 +297,8 @@ locals { baseline_secretsmanager_secrets = {} baseline_cloudwatch_log_groups = {} + baseline_cloudwatch_metric_alarms = {} + baseline_cloudwatch_log_metric_filters = {} public_key_data = jsondecode(file("./files/bastion_linux.json")) } diff --git a/terraform/environments/oasys/main.tf b/terraform/environments/oasys/main.tf index 9ad7971a144..38af5725188 100644 --- a/terraform/environments/oasys/main.tf +++ b/terraform/environments/oasys/main.tf @@ -70,18 +70,18 @@ module "baseline" { cloudwatch_metric_alarms = merge( local.baseline_cloudwatch_metric_alarms, - lookup(local.baseline_environment_config, "baseline_cloudwatch_metric_alarms", {}) + lookup(local.environment_config, "baseline_cloudwatch_metric_alarms", {}) ) cloudwatch_log_metric_filters = merge( local.baseline_cloudwatch_log_metric_filters, - lookup(local.baseline_environment_config, "baseline_cloudwatch_log_metric_filters", {}) + lookup(local.environment_config, "baseline_cloudwatch_log_metric_filters", {}) ) cloudwatch_log_groups = merge( module.baseline_presets.cloudwatch_log_groups, local.baseline_cloudwatch_log_groups, - lookup(local.baseline_environment_config, "baseline_cloudwatch_log_groups", {}) + lookup(local.environment_config, "baseline_cloudwatch_log_groups", {}) ) ec2_autoscaling_groups = lookup(local.environment_config, "baseline_ec2_autoscaling_groups", {}) ec2_instances = lookup(local.environment_config, "baseline_ec2_instances", {})