
Lookup two lists in one resource


I am trying to create CloudWatch alerts for an NLB in AWS for the UnHealthyHostCount metric.

I have the NLBs defined as so:

variable "lb" {
  type    = list
  default = [
    "net/lb01/bb087",
    "net/lb01/bb088"
  ]
}

I have the target groups defined as so:

variable "lb_tg" {
  type    = list
  default = [
    "targetgroup/newtargetlkinjk/3dac",
    "targetgroup/newtargetlkinjk/3d0d"
  ]
}

I then use datasource on them as so:

data "aws_lb_target_group" "my_lb_target_group" {

  for_each = toset(var.lb_tg)

  tags = {
    name = each.key
  }
}

data "aws_lb" "my_lbs" {

  for_each = toset(var.lb)

  tags = {
    name = each.key
  }
}

I am then trying to use both in an alarm as such:

resource "aws_cloudwatch_metric_alarm" "nlb-target-unhealthy-warning" {

  for_each = data.aws_lb_target_group.my_lb_target_group

  alarm_name          = "nlb-target-unhealthy-warning-for-${each.key}"
  comparison_operator = "GreaterThanThreshold"
  evaluation_periods  = "3"
  metric_name         = "UnHealthyHostCount"
  namespace           = "AWS/NetworkELB"
  dimensions = {
    TargetGroup  = each.key
    LoadBalancer = ???
  }
  period                    = "60"
  statistic                 = "Average"
  threshold                 = "0"
  alarm_description         = "This warning metric monitors unhealthy hosts behind the NLB for ${each.key}"
  actions_enabled           = true
  alarm_actions             = [data.aws_sns_topic.my_sns.arn]
  insufficient_data_actions = []
  treat_missing_data        = "notBreaching"
}

Since the alarm is already using for_each = data.aws_lb_target_group.my_lb_target_group, how do I provide it the values in data.aws_lb.my_lbs at the same time, which are needed by dimensions-LoadBalancer?


Solution

  • I'm not convinced that your data sources work, as they don't seem to be correct as you can't search LBs nor TGs by tag from what I can tell.

    But anyway, I tried to replicate the issue, and I assumed that each NLB has one target group and your variables lb and lb_tg are matched in pairs, i.e., nlb1 - tg1, nlb2 - tg2.

    In this case your alarms could be created using count:

    resource "aws_cloudwatch_metric_alarm" "nlb-target-unhealthy-warning" {

      count = length(var.lb)

      alarm_name          = "nlb-target-unhealthy-warning-for-${var.lb_tg[count.index]}"
      comparison_operator = "GreaterThanThreshold"
      evaluation_periods  = "3"
      metric_name         = "UnHealthyHostCount"
      namespace           = "AWS/NetworkELB"

      dimensions = {
        TargetGroup  = data.aws_lb_target_group.my_lb_target_group[var.lb_tg[count.index]].arn_suffix
        LoadBalancer = data.aws_lb.my_lbs[var.lb[count.index]].arn_suffix
      }

      period                    = "60"
      statistic                 = "Average"
      threshold                 = "0"
      alarm_description         = "This warning metric monitors unhealthy hosts behind the NLB for ${var.lb_tg[count.index]}"
      actions_enabled           = true
      alarm_actions             = [data.aws_sns_topic.my_sns.arn]
      insufficient_data_actions = []
      treat_missing_data        = "notBreaching"
    }
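
An alternative to the count-based resource above, added here as an example and not part of the original answer: pair the two lists with `zipmap` and drive the alarm with `for_each`, so each alarm is addressed by its target group instead of a list index and removing one pair does not shift and recreate the remaining alarms. It assumes the same one-to-one pairing of `var.lb_tg` and `var.lb` and reuses the question's data sources unchanged; the local name `tg_to_lb` is made up for this example.

```hcl
locals {
  # Assumed helper name. Builds { "<target group>" = "<load balancer>" } by position.
  # zipmap() returns an error at plan time if the two lists differ in length,
  # so a mismatched pair cannot silently leave a target group without an alarm.
  tg_to_lb = zipmap(var.lb_tg, var.lb)
}

resource "aws_cloudwatch_metric_alarm" "nlb-target-unhealthy-warning" {
  # each.key   = entry from var.lb_tg
  # each.value = the entry from var.lb at the same position
  for_each = local.tg_to_lb

  alarm_name          = "nlb-target-unhealthy-warning-for-${each.key}"
  comparison_operator = "GreaterThanThreshold"
  evaluation_periods  = 3
  metric_name         = "UnHealthyHostCount"
  namespace           = "AWS/NetworkELB"

  dimensions = {
    # Both data sources are the ones from the question, keyed by the same strings.
    TargetGroup  = data.aws_lb_target_group.my_lb_target_group[each.key].arn_suffix
    LoadBalancer = data.aws_lb.my_lbs[each.value].arn_suffix
  }

  period                    = 60
  statistic                 = "Average"
  threshold                 = 0
  alarm_description         = "This warning metric monitors unhealthy hosts behind the NLB for ${each.key}"
  actions_enabled           = true
  alarm_actions             = [data.aws_sns_topic.my_sns.arn]
  insufficient_data_actions = []
  treat_missing_data        = "notBreaching"
}
```

Switching an existing count-based resource to this form changes the resource addresses from `[0]`, `[1]` to the target group keys, so Terraform plans a destroy and create for each alarm unless the addresses are moved in state first.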