cfn_monitor 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +10 -0
- data/.rspec +1 -0
- data/.travis.yml +18 -0
- data/Dockerfile +7 -0
- data/Gemfile +6 -0
- data/LICENSE.txt +21 -0
- data/README.md +424 -0
- data/Rakefile +9 -0
- data/cfn_monitor.gemspec +39 -0
- data/exe/cfn_monitor +4 -0
- data/lib/cfn_monitor/deploy.rb +47 -0
- data/lib/cfn_monitor/generate.rb +186 -0
- data/lib/cfn_monitor/query.rb +135 -0
- data/lib/cfn_monitor/utils.rb +42 -0
- data/lib/cfn_monitor/version.rb +3 -0
- data/lib/cfn_monitor.rb +66 -0
- data/lib/config/config.yml +14 -0
- data/lib/config/templates.yml +428 -0
- data/lib/ext/alarms.rb +33 -0
- data/lib/lambda/getEnvironmentName.py +39 -0
- data/lib/lambda/getPhysicalId.py +67 -0
- data/lib/templates/alarms.rb +178 -0
- data/lib/templates/endpoints.rb +66 -0
- data/lib/templates/hosts.rb +126 -0
- data/lib/templates/master.rb +213 -0
- data/lib/templates/resources.rb +82 -0
- data/lib/templates/services.rb +138 -0
- metadata +250 -0
@@ -0,0 +1,138 @@
|
|
1
|
+
require 'cfndsl'
|
2
|
+
|
3
|
+
CloudFormation do
|
4
|
+
Description("CloudWatch Services")
|
5
|
+
|
6
|
+
Parameter("EnvironmentName"){
|
7
|
+
Type 'String'
|
8
|
+
}
|
9
|
+
|
10
|
+
Resource("ServicesCheckLambdaExecutionRole") do
|
11
|
+
Type 'AWS::IAM::Role'
|
12
|
+
Property('AssumeRolePolicyDocument', {
|
13
|
+
Version: '2012-10-17',
|
14
|
+
Statement: [{
|
15
|
+
Effect: 'Allow',
|
16
|
+
Principal: { Service: [ 'lambda.amazonaws.com' ] },
|
17
|
+
Action: [ 'sts:AssumeRole' ]
|
18
|
+
}]
|
19
|
+
})
|
20
|
+
Property('Path','/')
|
21
|
+
Property('Policies', [
|
22
|
+
PolicyName: 'ServicesCheck',
|
23
|
+
PolicyDocument: {
|
24
|
+
Version: '2012-10-17',
|
25
|
+
Statement: [{
|
26
|
+
Effect: 'Allow',
|
27
|
+
Action: [ 'logs:CreateLogGroup', 'logs:CreateLogStream', 'logs:PutLogEvents' ],
|
28
|
+
Resource: 'arn:aws:logs:*:*:*'
|
29
|
+
},
|
30
|
+
{
|
31
|
+
Effect: 'Allow',
|
32
|
+
Action: [ 'cloudwatch:PutMetricData' ],
|
33
|
+
Resource: '*'
|
34
|
+
},
|
35
|
+
{
|
36
|
+
Effect: 'Allow',
|
37
|
+
Action: [ 'ssm:SendCommand', 'ssm:ListCommandInvocations', 'ssm:DescribeInstanceInformation' ],
|
38
|
+
Resource: '*'
|
39
|
+
},
|
40
|
+
{
|
41
|
+
Effect: 'Allow',
|
42
|
+
Action: [ 'autoscaling:SetInstanceHealth', 'autoscaling:DescribeAutoScalingInstances', 'ec2:DescribeInstances' ],
|
43
|
+
Resource: '*'
|
44
|
+
}]
|
45
|
+
}
|
46
|
+
])
|
47
|
+
end
|
48
|
+
|
49
|
+
Resource("ServicesCheckFunction") do
|
50
|
+
Type 'AWS::Lambda::Function'
|
51
|
+
Property('Code', { S3Bucket: FnJoin('.',['base2.lambda',Ref('AWS::Region')]), S3Key: 'check-service.zip' })
|
52
|
+
Property('Handler', 'handler.check_service')
|
53
|
+
Property('MemorySize', 128)
|
54
|
+
Property('Runtime', 'python3.6')
|
55
|
+
Property('Timeout', 300)
|
56
|
+
Property('Role', FnGetAtt("ServicesCheckLambdaExecutionRole",'Arn'))
|
57
|
+
end
|
58
|
+
|
59
|
+
Resource("ServicesCheckPermissions") do
|
60
|
+
Type 'AWS::Lambda::Permission'
|
61
|
+
Property('FunctionName', Ref("ServicesCheckFunction"))
|
62
|
+
Property('Action', 'lambda:InvokeFunction')
|
63
|
+
Property('Principal', 'events.amazonaws.com')
|
64
|
+
end
|
65
|
+
|
66
|
+
SSM_Document('ServiceCheck') do
|
67
|
+
Content ({
|
68
|
+
schemaVersion: "2.2",
|
69
|
+
description: "Check status of a running services using the service command",
|
70
|
+
parameters: {
|
71
|
+
Process: {
|
72
|
+
type: "String",
|
73
|
+
description: "process name to check",
|
74
|
+
default: ""
|
75
|
+
}
|
76
|
+
},
|
77
|
+
mainSteps: [ {
|
78
|
+
action: "aws:runShellScript",
|
79
|
+
name: "checkProcess",
|
80
|
+
inputs: {
|
81
|
+
runCommand: [ "service {{Process}} status" ]
|
82
|
+
}
|
83
|
+
} ]
|
84
|
+
})
|
85
|
+
DocumentType 'Command'
|
86
|
+
end
|
87
|
+
|
88
|
+
alarms.each do |alarm|
|
89
|
+
if alarm[:type] == 'service'
|
90
|
+
servicesHash = Digest::MD5.hexdigest alarm[:resource]
|
91
|
+
|
92
|
+
# Conditionally create shedule based on environments attribute
|
93
|
+
if alarm[:environments] != ['all']
|
94
|
+
conditions = []
|
95
|
+
alarm[:environments].each do | env |
|
96
|
+
conditions << FnEquals(Ref("EnvironmentName"),env)
|
97
|
+
end
|
98
|
+
if conditions.length > 1
|
99
|
+
Condition("Condition#{servicesHash}", FnOr(conditions))
|
100
|
+
else
|
101
|
+
Condition("Condition#{servicesHash}", conditions[0])
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
105
|
+
# Set defaults
|
106
|
+
services = alarm[:parameters]
|
107
|
+
services['scheduleExpression'] ||= "* * * * ? *"
|
108
|
+
|
109
|
+
# Create payload
|
110
|
+
payload = {}
|
111
|
+
payload['SERVICE'] = alarm[:resource]
|
112
|
+
payload['ENVIRONMENT'] = "${env}"
|
113
|
+
payload['REGION'] = "${region}"
|
114
|
+
payload['REPORT_FAILED_SSM_AGENT'] = services['ReportFailedSSMAgent'] ||= false
|
115
|
+
payload['TERMINATE_ON_FAILURE'] = services['TerminateOnFailure'] ||= false
|
116
|
+
payload['SSM_DOCUMENT'] = Ref('ServiceCheck')
|
117
|
+
# TODO: auto discovery of autoscaling groups based on cf logical resource id
|
118
|
+
# payload['AUTOSCALING_GROUP'] = []
|
119
|
+
|
120
|
+
Resource("ServicesCheckSchedule#{servicesHash}") do
|
121
|
+
Condition "Condition#{servicesHash}" if alarm[:environments] != ['all']
|
122
|
+
Type 'AWS::Events::Rule'
|
123
|
+
Property('Description', FnSub( "${env}-Service-Check-#{alarm[:resource]}", env: Ref('EnvironmentName') ) )
|
124
|
+
Property('ScheduleExpression', "cron(#{services['scheduleExpression']})")
|
125
|
+
Property('State', 'ENABLED')
|
126
|
+
Property('Targets', [
|
127
|
+
{
|
128
|
+
Arn: FnGetAtt("ServicesCheckFunction",'Arn'),
|
129
|
+
Id: servicesHash,
|
130
|
+
Input: FnSub( payload.to_json, env: Ref('EnvironmentName'), region: Ref("AWS::Region") )
|
131
|
+
}
|
132
|
+
])
|
133
|
+
end
|
134
|
+
|
135
|
+
end
|
136
|
+
end
|
137
|
+
|
138
|
+
end
|
metadata
ADDED
@@ -0,0 +1,250 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: cfn_monitor
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Base2Services
|
8
|
+
- Jared Brook
|
9
|
+
- Angus Vine
|
10
|
+
autorequire:
|
11
|
+
bindir: exe
|
12
|
+
cert_chain: []
|
13
|
+
date: 2018-10-25 00:00:00.000000000 Z
|
14
|
+
dependencies:
|
15
|
+
- !ruby/object:Gem::Dependency
|
16
|
+
name: thor
|
17
|
+
requirement: !ruby/object:Gem::Requirement
|
18
|
+
requirements:
|
19
|
+
- - "~>"
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: '0.19'
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
25
|
+
requirements:
|
26
|
+
- - "~>"
|
27
|
+
- !ruby/object:Gem::Version
|
28
|
+
version: '0.19'
|
29
|
+
- !ruby/object:Gem::Dependency
|
30
|
+
name: cfndsl
|
31
|
+
requirement: !ruby/object:Gem::Requirement
|
32
|
+
requirements:
|
33
|
+
- - "~>"
|
34
|
+
- !ruby/object:Gem::Version
|
35
|
+
version: '0.16'
|
36
|
+
type: :runtime
|
37
|
+
prerelease: false
|
38
|
+
version_requirements: !ruby/object:Gem::Requirement
|
39
|
+
requirements:
|
40
|
+
- - "~>"
|
41
|
+
- !ruby/object:Gem::Version
|
42
|
+
version: '0.16'
|
43
|
+
- !ruby/object:Gem::Dependency
|
44
|
+
name: aws-sdk-cloudformation
|
45
|
+
requirement: !ruby/object:Gem::Requirement
|
46
|
+
requirements:
|
47
|
+
- - "~>"
|
48
|
+
- !ruby/object:Gem::Version
|
49
|
+
version: '1'
|
50
|
+
- - "<"
|
51
|
+
- !ruby/object:Gem::Version
|
52
|
+
version: '2'
|
53
|
+
type: :runtime
|
54
|
+
prerelease: false
|
55
|
+
version_requirements: !ruby/object:Gem::Requirement
|
56
|
+
requirements:
|
57
|
+
- - "~>"
|
58
|
+
- !ruby/object:Gem::Version
|
59
|
+
version: '1'
|
60
|
+
- - "<"
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: '2'
|
63
|
+
- !ruby/object:Gem::Dependency
|
64
|
+
name: aws-sdk-s3
|
65
|
+
requirement: !ruby/object:Gem::Requirement
|
66
|
+
requirements:
|
67
|
+
- - "~>"
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '1'
|
70
|
+
- - "<"
|
71
|
+
- !ruby/object:Gem::Version
|
72
|
+
version: '2'
|
73
|
+
type: :runtime
|
74
|
+
prerelease: false
|
75
|
+
version_requirements: !ruby/object:Gem::Requirement
|
76
|
+
requirements:
|
77
|
+
- - "~>"
|
78
|
+
- !ruby/object:Gem::Version
|
79
|
+
version: '1'
|
80
|
+
- - "<"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '2'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: aws-sdk-elasticloadbalancingv2
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - "~>"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '1'
|
90
|
+
- - "<"
|
91
|
+
- !ruby/object:Gem::Version
|
92
|
+
version: '2'
|
93
|
+
type: :runtime
|
94
|
+
prerelease: false
|
95
|
+
version_requirements: !ruby/object:Gem::Requirement
|
96
|
+
requirements:
|
97
|
+
- - "~>"
|
98
|
+
- !ruby/object:Gem::Version
|
99
|
+
version: '1'
|
100
|
+
- - "<"
|
101
|
+
- !ruby/object:Gem::Version
|
102
|
+
version: '2'
|
103
|
+
- !ruby/object:Gem::Dependency
|
104
|
+
name: bundler
|
105
|
+
requirement: !ruby/object:Gem::Requirement
|
106
|
+
requirements:
|
107
|
+
- - "~>"
|
108
|
+
- !ruby/object:Gem::Version
|
109
|
+
version: '1.16'
|
110
|
+
type: :development
|
111
|
+
prerelease: false
|
112
|
+
version_requirements: !ruby/object:Gem::Requirement
|
113
|
+
requirements:
|
114
|
+
- - "~>"
|
115
|
+
- !ruby/object:Gem::Version
|
116
|
+
version: '1.16'
|
117
|
+
- !ruby/object:Gem::Dependency
|
118
|
+
name: rake
|
119
|
+
requirement: !ruby/object:Gem::Requirement
|
120
|
+
requirements:
|
121
|
+
- - "~>"
|
122
|
+
- !ruby/object:Gem::Version
|
123
|
+
version: '10.0'
|
124
|
+
type: :development
|
125
|
+
prerelease: false
|
126
|
+
version_requirements: !ruby/object:Gem::Requirement
|
127
|
+
requirements:
|
128
|
+
- - "~>"
|
129
|
+
- !ruby/object:Gem::Version
|
130
|
+
version: '10.0'
|
131
|
+
- !ruby/object:Gem::Dependency
|
132
|
+
name: rspec
|
133
|
+
requirement: !ruby/object:Gem::Requirement
|
134
|
+
requirements:
|
135
|
+
- - "~>"
|
136
|
+
- !ruby/object:Gem::Version
|
137
|
+
version: '0.9'
|
138
|
+
type: :development
|
139
|
+
prerelease: false
|
140
|
+
version_requirements: !ruby/object:Gem::Requirement
|
141
|
+
requirements:
|
142
|
+
- - "~>"
|
143
|
+
- !ruby/object:Gem::Version
|
144
|
+
version: '0.9'
|
145
|
+
- !ruby/object:Gem::Dependency
|
146
|
+
name: rspec-core
|
147
|
+
requirement: !ruby/object:Gem::Requirement
|
148
|
+
requirements:
|
149
|
+
- - "~>"
|
150
|
+
- !ruby/object:Gem::Version
|
151
|
+
version: '3.8'
|
152
|
+
type: :development
|
153
|
+
prerelease: false
|
154
|
+
version_requirements: !ruby/object:Gem::Requirement
|
155
|
+
requirements:
|
156
|
+
- - "~>"
|
157
|
+
- !ruby/object:Gem::Version
|
158
|
+
version: '3.8'
|
159
|
+
- !ruby/object:Gem::Dependency
|
160
|
+
name: rspec-expectations
|
161
|
+
requirement: !ruby/object:Gem::Requirement
|
162
|
+
requirements:
|
163
|
+
- - "~>"
|
164
|
+
- !ruby/object:Gem::Version
|
165
|
+
version: '3.8'
|
166
|
+
type: :development
|
167
|
+
prerelease: false
|
168
|
+
version_requirements: !ruby/object:Gem::Requirement
|
169
|
+
requirements:
|
170
|
+
- - "~>"
|
171
|
+
- !ruby/object:Gem::Version
|
172
|
+
version: '3.8'
|
173
|
+
- !ruby/object:Gem::Dependency
|
174
|
+
name: rspec-mocks
|
175
|
+
requirement: !ruby/object:Gem::Requirement
|
176
|
+
requirements:
|
177
|
+
- - "~>"
|
178
|
+
- !ruby/object:Gem::Version
|
179
|
+
version: '3.8'
|
180
|
+
type: :development
|
181
|
+
prerelease: false
|
182
|
+
version_requirements: !ruby/object:Gem::Requirement
|
183
|
+
requirements:
|
184
|
+
- - "~>"
|
185
|
+
- !ruby/object:Gem::Version
|
186
|
+
version: '3.8'
|
187
|
+
description: |-
|
188
|
+
CloudWatch monitoring tool can query a cloudformation stack and return
|
189
|
+
monitorable resources that can be placed into a config file. This config
|
190
|
+
can then be used to generate a cloudformation stack to create and manage
|
191
|
+
cloudwatch alarms.
|
192
|
+
email:
|
193
|
+
- itsupport@base2services.com
|
194
|
+
executables:
|
195
|
+
- cfn_monitor
|
196
|
+
extensions: []
|
197
|
+
extra_rdoc_files: []
|
198
|
+
files:
|
199
|
+
- ".gitignore"
|
200
|
+
- ".rspec"
|
201
|
+
- ".travis.yml"
|
202
|
+
- Dockerfile
|
203
|
+
- Gemfile
|
204
|
+
- LICENSE.txt
|
205
|
+
- README.md
|
206
|
+
- Rakefile
|
207
|
+
- cfn_monitor.gemspec
|
208
|
+
- exe/cfn_monitor
|
209
|
+
- lib/cfn_monitor.rb
|
210
|
+
- lib/cfn_monitor/deploy.rb
|
211
|
+
- lib/cfn_monitor/generate.rb
|
212
|
+
- lib/cfn_monitor/query.rb
|
213
|
+
- lib/cfn_monitor/utils.rb
|
214
|
+
- lib/cfn_monitor/version.rb
|
215
|
+
- lib/config/config.yml
|
216
|
+
- lib/config/templates.yml
|
217
|
+
- lib/ext/alarms.rb
|
218
|
+
- lib/lambda/getEnvironmentName.py
|
219
|
+
- lib/lambda/getPhysicalId.py
|
220
|
+
- lib/templates/alarms.rb
|
221
|
+
- lib/templates/endpoints.rb
|
222
|
+
- lib/templates/hosts.rb
|
223
|
+
- lib/templates/master.rb
|
224
|
+
- lib/templates/resources.rb
|
225
|
+
- lib/templates/services.rb
|
226
|
+
homepage: https://github.com/base2Services/cfn-monitor/blob/master/README.md
|
227
|
+
licenses:
|
228
|
+
- MIT
|
229
|
+
metadata: {}
|
230
|
+
post_install_message:
|
231
|
+
rdoc_options: []
|
232
|
+
require_paths:
|
233
|
+
- lib
|
234
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
235
|
+
requirements:
|
236
|
+
- - ">="
|
237
|
+
- !ruby/object:Gem::Version
|
238
|
+
version: '0'
|
239
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
240
|
+
requirements:
|
241
|
+
- - ">="
|
242
|
+
- !ruby/object:Gem::Version
|
243
|
+
version: '0'
|
244
|
+
requirements: []
|
245
|
+
rubyforge_project:
|
246
|
+
rubygems_version: 2.7.7
|
247
|
+
signing_key:
|
248
|
+
specification_version: 4
|
249
|
+
summary: Configure and generate a cloudwatch monitoring cloudformation stack
|
250
|
+
test_files: []
|