Following this guide:

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html

I have alarms created to alert me on StatusCheckFailed_System events. It is possible through the UI to set up EC2 Actions to do something with the instance once it is in an alarm state. In this case, I'd like to reboot the system if I get an alarm on StatusCheckFailed_System. Is this possible in Terraform? I have a snippet of my TF code for reference: I have a fleet of Windows Server 2016/2019 instances and I'm using Terraform 4.x

locals {
  all_ec2s = toset(data.aws_instances.all_ec2.ids)
  all_ebs  = toset(data.aws_ebs_volumes.all_volumes.ids)
}

# EC2 System failures
resource "aws_cloudwatch_metric_alarm" "system_failure" {
  for_each                  = local.all_ec2s
  alarm_name                = "${data.aws_instance.each_ec2[each.key].tags["Name"]} - EC2 System failures"
  alarm_description         = "Systems that have failed the EC2 Status check."
  comparison_operator       = "GreaterThanOrEqualToThreshold"
  threshold                 = var.cloudwatch_ec2_system_failure_evaluation_threshold
  period                    = var.cloudwatch_ec2_system_failure_alarm_period
  evaluation_periods        = var.cloudwatch_ec2_system_failure_evaluation_periods
  metric_name               = "StatusCheckFailed_System"
  namespace                 = "AWS/EC2"
  statistic                 = "Maximum"
  alarm_actions             = [aws_sns_topic.cloudwatch_alerts_topic.arn]
  insufficient_data_actions = [aws_sns_topic.cloudwatch_alerts_topic.arn]
  ok_actions                = [aws_sns_topic.cloudwatch_alerts_topic.arn]
  dimensions                = { InstanceId = each.key }
}
 

CodePudding user response：

Yes it's possible, it's just not well documented. You simply need to pass a specific ARN as one of the alarm actions, like so:

   alarm_actions = [
      aws_sns_topic.cloudwatch_alerts_topic.arn,
      "arn:aws:automate:${data.aws_region.current.name}:ec2:reboot"
   ]