Using Terraform I have created Alert, Action group and Logicapp. (Code-1 show below)
Action to trigger when an alert is triggered, where one of Action type is Logic app, which was as expected. Alert got triggered when condition is true further it trigger Logic app action.
Later, I got requirement to adjust alert’s threshold and frequency and made changes to Terraform code, while doing plan/apply noticed only changes in Alert Frequency and threshold value and these are expected. (Code-2 show below)
After this change(update) of Alert properties action as stopped functioning. when alert is triggered, Action is not triggered.
Test 1: Checking weather alert itself truly triggering
• Just to test the functionality of alert whether itself getting triggered, I subscribed Notification type to send mail to my Inbox. Which worked and I got mail regarding the alert but the alert unable to trigger action.
Test 1.2: Changes from Portal
• I removed testing-logicapp (Logic app action) under Action type from Azure Portal.
• And Added testing-logicapp (Logic app action) under Action type from Azure Portal. (As show in below JPG-3)
• This resulted Action to trigger when an alert is triggered.
So, my doubt is, how should I handle this scenario in terraform way.
Code-1 :
resource "azurerm_monitor_scheduled_query_rules_alert_v2" "myvm_task_alert_v2" {
name = "myvm-auto-deletion-alert"
resource_group_name = azurerm_resource_group.myvm_task_resource_group.name
evaluation_frequency = "PT1H"
window_duration = "PT1H"
scopes = [data.azurerm_log_analytics_workspace.azurerm_log_analytics_workspace.id]
severity = 4
criteria {
query = <<-QUERY
Perf
| where TimeGenerated > ago(1h)
| where CounterName == "% Processor Time" and InstanceName == "_Total"
| project TimeGenerated, Computer, CounterValue, _ResourceId
| summarize AggregatedValue = avg(CounterValue) by bin(TimeGenerated, 1h), Computer, _ResourceId
QUERY
time_aggregation_method = "Maximum"
threshold = 30.0
operator = "LessThan"
metric_measure_column = "AggregatedValue"
}
display_name = "myvm-auto-deletion-alert"
enabled = true
action {
action_groups = [azurerm_monitor_action_group.delete_myvm_action_group.id]
}
}
resource "azurerm_monitor_action_group" "delete_myvm_action_group" {
name = "myvm-auto-deletion-action-group"
resource_group_name = azurerm_resource_group.myvm_task_resource_group.name
short_name = "myvm-autodel"
tags = module.metadata.tags
logic_app_receiver {
name = "myvm-auto-deletion-logicapp"
resource_id = azurerm_logic_app_workflow.myvm_task_logicapp.id
callback_url = azurerm_logic_app_workflow.myvm_task_logicapp.access_endpoint
use_common_alert_schema = true
}
email_receiver {
name = "sendtoPraveen"
email_address = "praveen#goog.gov.net"
use_common_alert_schema = true
}
}
resource "azurerm_logic_app_workflow" "myvm_task_logicapp" {
name = "myvm-auto-deletion-logicapp"
location = "us east"
resource_group_name = azurerm_resource_group.myvm_task_resource_group.name
}
Code-2 :
resource "azurerm_monitor_scheduled_query_rules_alert_v2" "myvm_task_alert_v2" {
name = "myvm-auto-deletion-alert"
resource_group_name = azurerm_resource_group.myvm_task_resource_group.name
evaluation_frequency = "PT1H"
window_duration = "PT10H" ####################-------------------->change1
scopes = [data.azurerm_log_analytics_workspace.azurerm_log_analytics_workspace.id]
severity = 4
criteria {
query = <<-QUERY
Perf
| where TimeGenerated > ago(1h)
| where CounterName == "% Processor Time" and InstanceName == "_Total"
| project TimeGenerated, Computer, CounterValue, _ResourceId
| summarize AggregatedValue = avg(CounterValue) by bin(TimeGenerated, 1h), Computer, _ResourceId
QUERY
time_aggregation_method = "Maximum"
threshold = 50.0 ####################-------------------->change2
operator = "LessThan"
metric_measure_column = "AggregatedValue"
}
display_name = "myvm-auto-deletion-alert"
enabled = true
action {
action_groups = [azurerm_monitor_action_group.delete_myvm_action_group.id]
}
}
JPG-1
Found the issue with the help of MIcrosoft support team.
Created new azurerm_logic_app_trigger_http_request flow.
resource "azurerm_logic_app_trigger_http_request" "logic_app_httptrigger_code" {
name = "alertv2httPayload"
logic_app_id = azurerm_logic_app_workflow.myvm_task_logicapp.id
schema = data.local_file.httptrigger_code.content
}
You'll need to use callbackurl of azurerm_logic_app_trigger_http_request in Logic_app_receiver under actiongroup :
azurerm_logic_app_trigger_http_request.logic_app_httptrigger_code.callback_url
instead of
azurerm_logic_app_workflow.myvm_task_logicapp.access_endpoint
Ref : Action groups not triggering Logic Apps #6056
Actions are not triggering when alerts are triggered:
I tried it in my environment by using this terraform template for scheduled alerts and making a few modifications as required. It was successfully deployed, and an action was triggered with appropriate information to the specified user's email address.
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "3.37.0"
}
}
}
provider "azurerm" {
features{}
}
resource "azurerm_resource_group" "example" {
name = "xxxxexample-resources"
location = "xxxxxx"
}
resource "azurerm_application_insights" "example" {
name = "xxxxexample-ai"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
application_type = "web"
}
resource "azurerm_logic_app_workflow" "example" {
name = "xxxxdeletion-logicapp"
location = "eastUS"
resource_group_name = azurerm_resource_group.example.name
}
resource "azurerm_monitor_action_group" "example" {
name = "xxxxx-mag"
resource_group_name = azurerm_resource_group.example.name
short_name = "xxxxxtest"
logic_app_receiver {
name = "xxxxxdeletion-logicapp"
resource_id = azurerm_logic_app_workflow.example.id
callback_url = azurerm_logic_app_workflow.example.access_endpoint
use_common_alert_schema = true
}
email_receiver {
name = "sendtouser"
email_address = "xxxxx#gmail.com"
use_common_alert_schema = true
}
}
resource "azurerm_monitor_scheduled_query_rules_alert_v2" "example" {
name = "xxxx-msqrv2"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
evaluation_frequency = "PT10M"
window_duration = "PT10M"
scopes = [azurerm_application_insights.example.id]
severity = 4
criteria {
query = <<-QUERY
requests
| summarize CountByCountry=count() by client_CountryOrRegion #Give query condition as per your requirements
QUERY
time_aggregation_method = "Maximum"
threshold = 30.0
operator = "LessThan"
metric_measure_column = "CountByCountry"
resource_id_column = "client_CountryOrRegion"
dimension {
name = "client_CountryOrRegion"
operator = "Exclude"
values = ["123"]
}
failing_periods {
minimum_failing_periods_to_trigger_alert = 1
number_of_evaluation_periods = 1
}
}
auto_mitigation_enabled = true
workspace_alerts_storage_enabled = false
description = "example sqr"
display_name = "example-sqr"
enabled = true
query_time_range_override = "PT1H"
skip_query_validation = true
action {
action_groups = [azurerm_monitor_action_group.example.id]
custom_properties = {
key1 = "xxx"
key2 = "xxx"
}
}
tags = {
key1 = "xxxx"
}
}
terraform init:
terraform plan:
terraform apply:
Deployed in Portal & added an action group:
Triggered alert mail successfully:
Related
I need enable auto scale for an spring app hosted by spring app services.I am used below terraform code.
resource "azurerm_monitor_autoscale_setting" "spring_apps_app_carrier_events" {
name = "default_auto_scale"
enabled = true
resource_group_name = module.rg.resource_group_name
location = module.rg.resource_group_location
target_resource_id = module.spring_apps_app_carrier_events.app_identities[0].principal_id
profile {
name = "defaultProfile"
capacity {
default = 1
minimum = 1
maximum = 2
}
It return errors:
Error: Can not parse "target_resource_id" as a resource id: Cannot parse Azure ID: parse "290dc6bd-1895-4e52-bac2-a34e63a138a9": invalid URI for request
It seems it need a uri. May u know how can I get the uri of a spring app?
Thanks in advance
I tried to reproduce the same in my environment.
Received the same error:
│ Error: Can not parse "target_resource_id" as a resource id: Cannot parse Azure ID: parse "xxxxx": invalid URI for request
│ with azurerm_monitor_autoscale_setting.spring_apps_app_carrier_events,
The target_resource_id should not be in just number id form,
It has to be something like /subscriptions/xxxxxc/resourceGroups/<myrg>/providers/Microsoft.xxx/xx/sxx
In your case,
target_resource_id = module.spring_apps_app_carrier_events.app_identities[0].principal_id
gives the principal Id which is in “23434354544466” format which is not correct.
I tried below code with targetid being, resourceId : /subscriptions/xxx/resourceGroups/ <myrg>/providers/Microsoft.AppPlatform/spring/springcloudappkavya/apps/kaexamplspringcloudapp/deployments/kavyadeploy1
Code:
resource "azurerm_spring_cloud_service" "example" {
name = "springcloudappkavya"
location =data.azurerm_resource_group.example.location
resource_group_name = data.azurerm_resource_group.example.name
sku_name = "S0"
config_server_git_setting {
uri = "https://github.com/Azure-Samples/piggymetrics"
label = "config"
search_paths = ["dir1", "dir2"]
}
trace {
connection_string = azurerm_application_insights.example.connection_string
sample_rate = 10.0
}
tags = {
Env = "staging"
}
}
resource "azurerm_spring_cloud_app" "example" {
name = "kaexamplspringcloudapp"
resource_group_name = data.azurerm_resource_group.example.name
service_name = azurerm_spring_cloud_service.example.name
identity {
type = "SystemAssigned"
}
}
resource "azurerm_spring_cloud_java_deployment" "test" {
name = "kavyadeploy1"
spring_cloud_app_id = azurerm_spring_cloud_app.example.id
instance_count = 2
jvm_options = "-XX:+PrintGC"
quota {
cpu = "2"
memory = "4Gi"
}
runtime_version = "Java_11"
environment_variables = {
"Foo" : "Bar"
"Env" : "Staging"
}
}
resource "azurerm_monitor_autoscale_setting" "spring_apps_app_carrier_events" {
name = "default_auto_scale"
enabled = true
resource_group_name = data.azurerm_resource_group.example.name
location = data.azurerm_resource_group.example.location
target_resource_id = azurerm_spring_cloud_java_deployment.test.id
// target_resource_id = .spring_apps_app_carrier_events.app_identities[0].principal_id
// target_resource_id = "18xxxxxe2"
profile {
name = "metricRules"
capacity {
default = 1
minimum = 1
maximum = 2
}
rule {
metric_trigger {
dimensions {
name = "AppName"
operator = "Equals"
values = [azurerm_spring_cloud_app.example.name]
}
dimensions {
name = "Deployment"
operator = "Equals"
values = [azurerm_spring_cloud_java_deployment.test.name]
}
metric_name = "AppCpuUsage"
metric_namespace = "microsoft.appplatform/spring"
metric_resource_id = azurerm_spring_cloud_service.example.id
time_grain = "PT1M"
statistic = "Average"
time_window = "PT5M"
time_aggregation = "Average"
operator = "GreaterThan"
threshold = 75
}
scale_action {
direction = "Increase"
type = "ChangeCount"
value = 1
cooldown = "PT1M"
}
}
}
}
Could execute without errors.
Portal view of Autoscale settings for spring apps.
Reference : An Azure Spring Cloud Update: Managed Virtual Network and Autoscale are now generally available in Azure Spring Cloud
I can't seem to find any examples and I am running into different errors depending on what I'm doing.
I'm trying to get this to work and it's just not happening... any thoughts?
resource "azurerm_monitor_metric_alert" "example" {
name = "example-metricalert"
resource_group_name = azurerm_resource_group.example.name
scopes = [azurerm_mssql_database.test.server_id]
description = "Action will be triggered when cpu is greater than 80%."
criteria {
metric_namespace = "Microsoft.Sql/servers/databases"
metric_name = "CPU_percentage"
aggregation = "Average"
operator = "GreaterThan"
threshold = 80
}
}
You can use the below code to create an metrics alert for SQL DB. I have tested it for an existing SQL DB, so used data blocks.
Main.tf
provider "azurerm" {
features {}
}
data "azurerm_mssql_server" "example" {
name = "ztestansumanserver"
resource_group_name = "yourresourcegroup"
}
data "azurerm_mssql_database" "dbtomonitor" {
name = "testansumandb"
server_id = data.azurerm_mssql_server.example.id
}
resource "azurerm_monitor_action_group" "example" {
name = "CriticalAlertsAction"
resource_group_name = data.azurerm_mssql_server.example.resource_group_name
short_name = "p0action"
email_receiver {
name = "sendtoadmin"
email_address = "youremailid"
use_common_alert_schema = true
}
}
resource "azurerm_monitor_metric_alert" "example" {
name = "example-metricalert"
resource_group_name = data.azurerm_mssql_server.example.resource_group_name
scopes = [data.azurerm_mssql_database.dbtomonitor.id]
description = "Action will be triggered when cpu percent is greater than 80."
criteria {
metric_namespace = "Microsoft.Sql/servers/databases"
metric_name = "cpu_percent"
aggregation = "Average"
operator = "GreaterThan"
threshold = 80
}
action {
action_group_id = azurerm_monitor_action_group.example.id
}
}
output:
Note: As per the above script alert is created successfully and it will also trigger a mail to you when the cpu_percent > 80 .
Reference:
Azure Monitor supported metrics by resource type - Azure Monitor | Microsoft Docs
I am working on to create the alerts in azure with Terraform scripts. I am trying to create different metric type alerts for different resources. (For example: functionapp01, functionapp02, logicapp01 and logicapp02 etc.)
This is the script:
terraform {
required_version = ">=0.12"
}
resource "azurerm_monitor_metric_alert" "metric_alert" {
name = var.metric_alert_name
resource_group_name = var.rg_name
scopes = [var.resource_id_01,var.resource_id_02]
description = var.metric_alert_description
tags = var.tags
frequency = var.frequency
severity = var.severity
window_size = var.window_size
enabled = var.is_enabled
criteria {
metric_namespace = var.metric_namespace
metric_name = var.metric_name
aggregation = var.aggregation
operator = var.operator
threshold = var.threshold
}
action {
action_group_id = var.action_group_id
}
}
Whenever I run the above script, then I am getting the below error:
Service returned an error. Status=400 Code="BadRequest" Message="Alerts are currently not supported with multi resource level for microsoft.web/sites
Reference Links:
azurerm_monitor_metric_alert
Metrics and Dimensions Supported
So, can anyone suggest me on this issue?
As the error show, the microsoft.web/sites resource type does not support Multi-resource alerts, refer to https://learn.microsoft.com/en-us/azure/azure-monitor/platform/alerts-metric-near-real-time#metrics-and-dimensions-supported
In this case, you have to create each monitor_metric_alert on each resource level.
For example, if you have created two functions, functionapp01, functionapp02. You can do it like this.
variable "function_apps" {
default = ["functionapp01","functionapp02"]
}
data "azurerm_function_app" "example" {
for_each = toset(var.function_apps)
name = each.value
resource_group_name = "funtions_rg"
}
resource "azurerm_monitor_metric_alert" "metric_alert" {
for_each = toset(var.function_apps)
name = "${each.value}-example-metricalert"
resource_group_name = var.rg_name
scopes = [data.azurerm_function_app.example[each.value].id]
description = var.metric_alert_description
tags = var.tags
frequency = var.frequency
severity = var.severity
window_size = var.window_size
enabled = var.is_enabled
criteria {
metric_namespace = var.metric_namespace
metric_name = var.metric_name
aggregation = var.aggregation
operator = var.operator
threshold = var.threshold
}
action {
action_group_id = var.action_group_id
}
}
Update
If you have function app resources is being created with Terraform, you can use them like this:
variable "function_apps" {
default = ["functionapp01","functionapp02"]
}
resource "azurerm_function_app" "example" {
for_each = toset(var.function_apps)
name = "${each.value}-example-funapp"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
app_service_plan_id = azurerm_app_service_plan.example.id
storage_account_name = azurerm_storage_account.example.name
storage_account_access_key = azurerm_storage_account.example.primary_access_key
app_settings = { }
version = "~3"
}
resource "azurerm_monitor_metric_alert" "test" {
for_each = toset(var.function_apps)
name = "${each.value}-example-metricalert"
resource_group_name = azurerm_resource_group.example.name
scopes = [azurerm_function_app.example[each.value].id]
description = var.metric_alert_description
severity = var.severity
window_size = var.window_size
enabled = var.is_enabled
criteria {
metric_namespace = var.metric_namespace
metric_name = var.metric_name
aggregation = var.aggregation
operator = var.operator
threshold = var.threshold
}
action {
action_group_id = var.action_group_id
}
}
I have created postgresql with custome alert for cpu percentage using Terraform azure and its showing error metric name is not found
Please check the following code.
provider "azurerm" {
features {}
subscription_id = "***************"//add subscription ID
}
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "West Europe"
}
resource "azurerm_postgresql_server" "example" {
name = "example-psqlserver"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
administrator_login = "psqladminun"
administrator_login_password = "H#Sh1CoR3!"
sku_name = "GP_Gen5_4"
version = "9.6"
storage_mb = 640000
backup_retention_days = 7
geo_redundant_backup_enabled = true
auto_grow_enabled = true
public_network_access_enabled = false
ssl_enforcement_enabled = true
ssl_minimal_tls_version_enforced = "TLS1_2"
}
resource "azurerm_monitor_action_group" "actiongrp" {
name = "Postgresql-AlertsActions1"
resource_group_name = azurerm_resource_group.example.name
short_name = "Postgresql1"
email_receiver {
name = "sendtoadmin"
email_address = "testing#gmail.com"
}
}
////This alert is Trigger once the CPU usage is goes more than 70
resource "azurerm_monitor_metric_alert" "alert0" {
name = "testing"
resource_group_name = azurerm_resource_group.example.name
scopes = [azurerm_postgresql_server.example.id]
description = "Action will be triggered when CPU Utilization count is greater than 70."
criteria {
metric_namespace = "Microsoft.DBforPostgreSQL/servers"#"Microsoft.DBforPostgreSQL/servers"
metric_name = "CPU percent"
aggregation = "Average"
operator = "GreaterThan"
threshold = 70
}
action {
action_group_id = azurerm_monitor_action_group.actiongrp.id
}
}
Error Screenshot
Below Microsoft DOC link is refer for alert specification-
https://learn.microsoft.com/en-us/azure/azure-monitor/platform/metrics-supported
You just need to change the metric_name value in the criteria block from CPU percent into cpu_percent. It should be the name of the Metric, not the Metric Display Name.
I'm developing a terraform template to automatically enroll a new built Azure VM to Azure recovery service vault. All the resources I can found in Azurerm provider are
azurerm_recovery_services_protection_policy_vm
azurerm_recovery_services_protected_vm
azurerm_recovery_services_vault
Seems none of them can enroll a VM to recovery service vault. Does Terraform have this feature?
You can see the azurerm_recovery_services_protected_vm in Terraform, and the argument source_vm_id shows:
Specifies the ID of the VM to backup
It can refer to the VM which you want to back up in the recovery service vault. Create the policy with azurerm_recovery_services_protection_policy_vm and the recovery service vault with azurerm_recovery_services_vault.
Update
You can back up the VM with Recovery vault with azurerm_recovery_services_protected_vm through Terraform. The code like this:
data "azurerm_virtual_machine" "azurevm" {
name = "vm_name"
resource_group_name = "group_name"
}
resource "azurerm_resource_group" "rg" {
name = "recovery_group_name"
location = "eastus"
}
resource "azurerm_recovery_services_vault" "vault" {
name = "azurerecoveryvaulti1"
location = "${azurerm_resource_group.rg.location}"
resource_group_name = "${azurerm_resource_group.rg.name}"
sku = "Standard"
}
resource "azurerm_recovery_services_protection_policy_vm" "test" {
name = "azurerecoveryvaultpolicy1"
resource_group_name = "${azurerm_resource_group.rg.name}"
recovery_vault_name = "${azurerm_recovery_services_vault.vault.name}"
backup = {
frequency = "Daily"
time = "23:00"
}
retention_daily = {
count = 1
}
}
resource "azurerm_recovery_services_protected_vm" "example" {
resource_group_name = "${azurerm_resource_group.rg.name}"
recovery_vault_name = "${azurerm_recovery_services_vault.vault.name}"
source_vm_id = "${data.azurerm_virtual_machine.azurevm.id}"
backup_policy_id = "${azurerm_recovery_services_protection_policy_vm.test.id}"
}
For the test, I create the new Recovery Vault. You can use the existing with data azurerm_recovery_services_vault. Create a new policy then create the back up the vm with azurerm_recovery_services_protected_vm like above.
The resource type azurerm_recovery_services_protected_vm is no more supported hashicorp/azurerm provider
You can use azurerm_backup_protected_vm instead of azurerm_recovery_services_protected_vm,
resource "azurerm_backup_policy_vm" "vm_backup_policy" {
count = var.vm_backup_policy_name != "" ? 1 : 0
name = var.vm_backup_policy_name
resource_group_name = var.resource_group_name
recovery_vault_name = azurerm_recovery_services_vault.vault.name
timezone = var.vm_backup_policy_timezone
backup {
frequency = var.vm_backup_policy_frequency
time = var.vm_backup_policy_time
}
retention_daily {
count = var.vm_backup_daily_policy_retention
}
dynamic "retention_weekly" {
for_each = var.vm_backup_weekly != {} ? [var.vm_backup_weekly] : []
content {
count = lookup(retention_weekly.value, "count")
weekdays = lookup(retention_weekly.value, "weekdays")
}
}
dynamic "retention_monthly" {
for_each = var.vm_backup_monthly != {} ? [var.vm_backup_monthly] : []
content {
count = lookup(retention_monthly.value, "count")
weekdays = lookup(retention_monthly.value, "weekdays")
weeks = lookup(retention_monthly.value, "weeks")
}
}
dynamic "retention_yearly" {
for_each = var.vm_backup_yearly != {} ? [var.vm_backup_yearly] : []
content {
count = lookup(retention_yearly.value, "count")
weekdays = lookup(retention_yearly.value, "weekdays")
weeks = lookup(retention_yearly.value, "weeks")
months = lookup(retention_yearly.value, "months")
}
}
}
resource "azurerm_backup_protected_vm" "vm" {
resource_group_name = var.resource_group_name
recovery_vault_name = var.recovery_vault_custom_name
source_vm_id = var.source_vm_id
backup_policy_id = azurerm_backup_policy_vm.vm_backup_policy.id
}