CCM-10257: Implement Eventpub in Core

Author: jamesthompson26-nhs

infrastructure/modules/eventpub/README.md

@@ -11,12 +11,12 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_alarm_prefixes"></a> [alarm\_prefixes](#input\_alarm\_prefixes) | Object containing prefixes for alarm descriptions, e.g. 'RELIABILITY:', 'SECURITY:', 'PERFORMANCE:' | <pre>object({<br/>    dlq          = string<br/>    sns_delivery = string<br/>    lambda       = string<br/>  })</pre> | <pre>{<br/>  "dlq": null,<br/>  "lambda": null,<br/>  "sns_delivery": null<br/>}</pre> | no |
 | <a name="input_aws_account_id"></a> [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID (numeric) | `string` | n/a | yes |
 | <a name="input_component"></a> [component](#input\_component) | The name of the terraformscaffold component calling this module | `string` | n/a | yes |
 | <a name="input_control_plane_bus_arn"></a> [control\_plane\_bus\_arn](#input\_control\_plane\_bus\_arn) | Data plane event bus arn | `string` | n/a | yes |
 | <a name="input_data_plane_bus_arn"></a> [data\_plane\_bus\_arn](#input\_data\_plane\_bus\_arn) | Data plane event bus arn | `string` | n/a | yes |
 | <a name="input_default_tags"></a> [default\_tags](#input\_default\_tags) | Default tag map for application to all taggable resources in the module | `map(string)` | `{}` | no |
-| <a name="input_dlq_alarm_prefix"></a> [dlq\_alarm\_prefix](#input\_dlq\_alarm\_prefix) | Prefix for dlq alarm description - used in Core to trigger Teams Alarms, e.g 'RELIABILITY: ' or 'SECURITY: ' | `string` | `null` | no |
 | <a name="input_enable_event_cache"></a> [enable\_event\_cache](#input\_enable\_event\_cache) | Enable caching of events to an S3 bucket | `bool` | `false` | no |
 | <a name="input_enable_sns_delivery_logging"></a> [enable\_sns\_delivery\_logging](#input\_enable\_sns\_delivery\_logging) | Enable SNS Delivery Failure Notifications | `bool` | `false` | no |
 | <a name="input_environment"></a> [environment](#input\_environment) | The name of the terraformscaffold environment the module is called for | `string` | n/a | yes |
@@ -30,7 +30,6 @@
 | <a name="input_name"></a> [name](#input\_name) | A unique name to distinguish this module invocation from others within the same CSI scope | `string` | n/a | yes |
 | <a name="input_project"></a> [project](#input\_project) | The name of the terraformscaffold project calling the module | `string` | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | The AWS Region | `string` | n/a | yes |
-| <a name="input_sns_delivery_alarm_prefix"></a> [sns\_delivery\_alarm\_prefix](#input\_sns\_delivery\_alarm\_prefix) | Prefix for SNS Delivery alarm description - used in Core to trigger Teams Alarms, e.g 'RELIABILITY: ' or 'SECURITY: ' | `string` | `null` | no |
 | <a name="input_sns_success_logging_sample_percent"></a> [sns\_success\_logging\_sample\_percent](#input\_sns\_success\_logging\_sample\_percent) | Enable SNS Delivery Successful Sample Percentage | `number` | `0` | no |
 ## Modules
 

infrastructure/modules/eventpub/cloudwatch_metric_alarm_dlq_alarm.tf

@@ -1,6 +1,6 @@
 resource "aws_cloudwatch_metric_alarm" "dlq_alarm" {
   alarm_name          = "${local.csi}-dlq-messages-alarm"
-  alarm_description   = "${var.dlq_alarm_prefix} Alarm for messages in the DLQ"
+  alarm_description   = "${var.alarm_prefixes.dlq} Alarm for messages in the DLQ"
   comparison_operator = "GreaterThanThreshold"
   evaluation_periods  = 1
   metric_name         = "ApproximateNumberOfMessagesVisible"

infrastructure/modules/eventpub/cloudwatch_metric_alarm_lambda_errors.tf

@@ -0,0 +1,17 @@
+resource "aws_cloudwatch_metric_alarm" "lambda_errors" {
+  alarm_name          = "${local.csi}-lambda-errors-alarm"
+  alarm_description   = "${var.alarm_prefixes.lambda} Alarm for Lambda function errors"
+  comparison_operator = "GreaterThanOrEqualToThreshold"
+  evaluation_periods  = 1
+  metric_name         = "Errors"
+  namespace           = "AWS/Lambda"
+  period              = 300
+  statistic           = "Sum"
+  threshold           = 1
+  actions_enabled     = true
+  treat_missing_data  = "notBreaching"
+
+  dimensions = {
+    FunctionName = aws_lambda_function.main.function_name
+  }
+}

infrastructure/modules/eventpub/cloudwatch_metric_alarm_sns_delivery_failures.tf

@@ -1,6 +1,6 @@
 resource "aws_cloudwatch_metric_alarm" "sns_delivery_failures" {
   alarm_name          = "${local.csi}-sns-delivery-failures"
-  alarm_description   = "${var.sns_delivery_alarm_prefix} Alarm when SNS topic ${aws_sns_topic.main.name} has delivery failures"
+  alarm_description   = "${var.alarm_prefixes.sns_delivery} Alarm when SNS topic ${aws_sns_topic.main.name} has delivery failures"
   comparison_operator = "GreaterThanThreshold"
   evaluation_periods  = 1
   metric_name         = "NumberOfNotificationsFailed"

infrastructure/modules/eventpub/variables.tf

@@ -115,14 +115,16 @@ variable "iam_permissions_boundary_arn" {
   default     = null
 }
 
-variable "dlq_alarm_prefix" {
-  type        = string
-  description = "Prefix for dlq alarm description - used in Core to trigger Teams Alarms, e.g 'RELIABILITY: ' or 'SECURITY: '"
-  default     = null
-}
-
-variable "sns_delivery_alarm_prefix" {
-  type        = string
-  description = "Prefix for SNS Delivery alarm description - used in Core to trigger Teams Alarms, e.g 'RELIABILITY: ' or 'SECURITY: '"
-  default     = null
+variable "alarm_prefixes" {
+  type = object({
+    dlq          = string
+    sns_delivery = string
+    lambda       = string
+  })
+  description = "Object containing prefixes for alarm descriptions, e.g. 'RELIABILITY:', 'SECURITY:', 'PERFORMANCE:'"
+  default = {
+    dlq          = null
+    sns_delivery = null
+    lambda       = null
+  }
 }