Reputation: 286
Terraform GCP - HA VPN Alerting policy
I'm trying to set up alerting on our HA VPN gateways, so that if any of the tunnels are down we get an alert raised.
I can get it so that it is applied as a single alerting policy, for all gateways within a project, however ideally I want the policy to be configured per gateway, as each gateway can have a different number of VPN's terminating on it, and I can then see which environments are affected by their failure.
Within the GCP console, you can select the gateway_name, to apply the filter to - this is what I need to achieve in terraform.
In my terraform, I can set a filter on the project easily enough using
filter = "metric.type=\"vpn.googleapis.com/tunnel_established\" resource.type=\"vpn_gateway\" resource.label.\"project_id\"=\"${local.project}\""
However, trying the same thing using the gateway_name resource fails
filter = "metric.type=\"vpn.googleapis.com/tunnel_established\" resource.type=\"vpn_gateway\" AND resource.label.\"gateway_name\"=\"${module.vpn_ha_gateway[0].ha-gateway-prod1-name}\""
Error creating AlertPolicy: googleapi: Error 400: The supplied filter does not specify a valid combination of metric and monitored resource descriptors. The query will not return any time series.
│
│ with module.ha_vpn_prod_alert_policy[0].google_monitoring_alert_policy.alert_policy,
│ on modules/terraform-gcp-alerting-policy/main.tf line 1, in resource "google_monitoring_alert_policy" "alert_policy":
│ 1: resource "google_monitoring_alert_policy" "alert_policy" {
│
How do I filter correctly to a single gateway_name? (Note that gateway_id which is the other filter option in the google console, isn't exposed to terraform).
The working query, in MQL is
fetch vpn_gateway
| metric 'vpn.googleapis.com/tunnel_established'
| filter (metric.gateway_name == 'tbtst-prod1-ha-vpn-gateway-1')
| group_by 5m, [value_tunnel_established_mean: mean(value.tunnel_established)]
| every 5m
| condition val() < 3 '1'
As taken directly from the console, however this needs editing before it's added to the terraform and this is where I'm failing.
Upvotes: 1
Views: 981
Answers (1)
Reputation: 286
Well I finally figured it out. the issue was I needed to metric.label. instead of just metric.
filter = "metric.type=\"vpn.googleapis.com/tunnel_established\" resource.type=\"vpn_gateway\" metric.label.\"gateway_name\"=\"${module.vpn_ha_gateway[0].ha-gateway-prod2-name}\""
Upvotes: 2
Related Questions
- Create GCP alerting policy for uptime check using terraform
- How to set up a GCP Monitoring log-based alert in Terraform?
- Monitoring GCP Projects with Terraform
- Terraform Google provider, create log-based alerting policy
- Add environment based Multiple Notification Channel to GCP Alert Policy with Terraform Lookup
- How to create an alert policy for unknown custom metric in GCP
- GCP Monitoring Alert policy
- How to configure Terraform to trigger alerts based on log errors for GCP?
- Not able to add multiple conditions in google_monitoring_alert_policy for GCP alerting policy using Terraform
- How do I configure GCP monitoring policy documentation in Terraform?