Trying to create Azure Alerts

theangrytech · April 10, 2024, 3:38pm

I’m trying to create some alerts in Terraform for App Gateways, so I can re-use them across several tenants/subs as/when I want to set them up. My idea is once created, is to create alerts for different types of resource and then put them on GitHub for anyone else to re-use.

At the moment - my criteria for the alerts looks something like this:

I’m trying to create this using modules (Because I’ve never done it before properly, so why not give it a try) but I’m having issues with the Criteria block. My idea is that I add each alert criteria into the terraform.tfvars file, and specify what alert group is notified in the main.tf (ie some alerts just need adding into the ITSM/Project Mailbox, others just an On-Call team, some maybe to all 3).

My files looks like this:

Main.tf
provider “azurerm” {
features {}
subscription_id = var.tfvars.subscription_id
tenant_id = var.tfvars.tenant_id
skip_provider_registration = true
}

module “action_groups” {
source = “./modules/action-groups”
for_each = var.region.action_groups
action_groups = each.value
resource_group_name = var.region.resource_group_name
}
module “monitor_activity_log_alerts” {
source = “./modules/azurerm-monitor-activity-log-alert”
for_each = var.region.monitor_activity_log_alerts_prd
monitor_activity_log_alerts = each.value
action_group_ids = module.action_groups.action_group_id
}

Terraform.tfvars:
tfvars = {

init

subscription_id = “<Subscription_ID>” #Add in new Sub Names/ID’s in tenant as time goes on
tenant_id = “<Tenant_ID>”
}

region = {

resource_group_name = “appgw”

resource_group_names = “monitoring”

location = “uksouth”

action_groups = {
“1” = {
name = “Action-Group-ITSM-Alerts”,
short_name = “AG-ITSM”,
email_receiver = {
1 = {
email_address = “ITSMEmail@company.com”
name = “ITSM-Support-Alerts”
use_common_alert_schema = false
},
2 = {
email_address = “ProjectMailbox@company.com”
name = “projmailbox_-EmailAction-”
use_common_alert_schema = false
}
}
arm_role_receiver = {}
},
“2” = {
name = “Action-Group-OnCall-Aware”,
short_name = “AG-OnCall”,
email_receiver = {
1 = {
email_address = “OnCallTeam@company.com”
name = “OnCall Alerts”
use_common_alert_schema = false
}
}
arm_role_receiver = {}
},
}

Variables.tf:
variable “tfvars” {
default = “”
}

variable “region” {
default = “”
}

Module - Action_Group:
Main.tf:
resource “azurerm_monitor_action_group” “action_groups” {
name = var.action_groups.name
resource_group_name = var.resource_group_name
short_name = var.action_groups.short_name
dynamic “email_receiver” {
for_each = var.action_groups.email_receiver
content {
name = email_receiver.value.name
email_address = email_receiver.value.email_address
use_common_alert_schema = email_receiver.value.use_common_alert_schema #boolean
}
}

dynamic “arm_role_receiver” {
for_each = var.action_groups.arm_role_receiver
content {
name = arm_role_receiver.value.name
role_id = arm_role_receiver.value.role_id
use_common_alert_schema = arm_role_receiver.value.use_common_alert_schema
}
}
lifecycle {
ignore_changes = [
tags
]
}
}

output “action_group_id” {
value = azurerm_monitor_action_group.action_groups.id
}

Variables.tf:
variable “action_groups” {}
variable “resource_group_name” {}

Module - azurerm-monitor-activity-log-alert:
Main.tf:
resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert” {
for_each = var.monitor_activity_log_alerts
name = each.value.name
resource_group_name = each.value.resource_group_name
scopes = each.value.scopes
description = each.value.description

dynamic “criteria” {
for_each = each.value.criteria
content {
operation_name = criteria.value.operation_name
category = criteria.value.category
dynamic “resource_health” {
for_each = each.value.resource_health
content {
current = resource_health.value.current
previous = resource_health.value.previous
reason = resource_health.value.reason
}
}
dynamic “service_health” {
for_each = each.value.service_health
content {
events = service_health.value.events
locations = service_health.value.locations
services = service_health.value.services
}
}
}
}

action {
action_group_id = var.action_group_ids
}

lifecycle {
ignore_changes = [
tags
]
}
}

Variables.tf
variable “monitor_activity_log_alerts” {}
variable “action_group_ids” {}

When I try run a terraform plan, I get the following error messages:

Error: Insufficient criteria blocks

on modules\azurerm-monitor-activity-log-alert\main.tf line 1, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
1: resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert” {

At least 1 “criteria” blocks are required.

Error: Insufficient criteria blocks

on modules\azurerm-monitor-activity-log-alert\main.tf line 1, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
1: resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert” {

At least 1 “criteria” blocks are required.

Error: Insufficient criteria blocks

on modules\azurerm-monitor-activity-log-alert\main.tf line 1, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
1: resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert” {

At least 1 “criteria” blocks are required.

Error: Insufficient criteria blocks

on modules\azurerm-monitor-activity-log-alert\main.tf line 1, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
1: resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert” {

At least 1 “criteria” blocks are required.

Error: Insufficient criteria blocks

on modules\azurerm-monitor-activity-log-alert\main.tf line 1, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
1: resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert” {

At least 1 “criteria” blocks are required.

Error: Insufficient criteria blocks

on modules\azurerm-monitor-activity-log-alert\main.tf line 1, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
1: resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert” {

At least 1 “criteria” blocks are required.

Error: Insufficient criteria blocks

on modules\azurerm-monitor-activity-log-alert\main.tf line 1, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
1: resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert” {

At least 1 “criteria” blocks are required.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 3, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
3: name = each.value.name
├────────────────
│ each.value is “ApplicationGatewayTotalTime”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 3, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
3: name = each.value.name
├────────────────
│ each.value is tuple with 1 element

This value does not have any attributes.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 3, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
3: name = each.value.name
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “name”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 3, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
3: name = each.value.name
├────────────────
│ each.value is “appgw”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 3, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
3: name = each.value.name
├────────────────
│ each.value is object with 1 attribute “1”

This object does not have an attribute named “name”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 3, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
3: name = each.value.name
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “name”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 3, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
3: name = each.value.name
├────────────────
│ each.value is “appag-totaltime-alert”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 4, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
4: resource_group_name = each.value.resource_group_name
├────────────────
│ each.value is “ApplicationGatewayTotalTime”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 4, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
4: resource_group_name = each.value.resource_group_name
├────────────────
│ each.value is tuple with 1 element

This value does not have any attributes.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 4, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
4: resource_group_name = each.value.resource_group_name
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “resource_group_name”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 4, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
4: resource_group_name = each.value.resource_group_name
├────────────────
│ each.value is “appgw”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 4, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
4: resource_group_name = each.value.resource_group_name
├────────────────
│ each.value is object with 1 attribute “1”

This object does not have an attribute named “resource_group_name”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 4, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
4: resource_group_name = each.value.resource_group_name
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “resource_group_name”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 4, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
4: resource_group_name = each.value.resource_group_name
├────────────────
│ each.value is “appag-totaltime-alert”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 5, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
5: scopes = each.value.scopes
├────────────────
│ each.value is “ApplicationGatewayTotalTime”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 5, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
5: scopes = each.value.scopes
├────────────────
│ each.value is tuple with 1 element

This value does not have any attributes.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 5, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
5: scopes = each.value.scopes
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “scopes”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 5, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
5: scopes = each.value.scopes
├────────────────
│ each.value is “appgw”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 5, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
5: scopes = each.value.scopes
├────────────────
│ each.value is object with 1 attribute “1”

This object does not have an attribute named “scopes”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 5, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
5: scopes = each.value.scopes
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “scopes”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 5, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
5: scopes = each.value.scopes
├────────────────
│ each.value is “appag-totaltime-alert”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 6, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
6: description = each.value.description
├────────────────
│ each.value is “ApplicationGatewayTotalTime”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 6, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
6: description = each.value.description
├────────────────
│ each.value is tuple with 1 element

This value does not have any attributes.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 6, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
6: description = each.value.description
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “description”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 6, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
6: description = each.value.description
├────────────────
│ each.value is “appgw”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 6, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
6: description = each.value.description
├────────────────
│ each.value is object with 1 attribute “1”

This object does not have an attribute named “description”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 6, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
6: description = each.value.description
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “description”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 6, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
6: description = each.value.description
├────────────────
│ each.value is “appag-totaltime-alert”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 9, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
9: for_each = each.value.criteria
├────────────────
│ each.value is “ApplicationGatewayTotalTime”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 9, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
9: for_each = each.value.criteria
├────────────────
│ each.value is tuple with 1 element

This value does not have any attributes.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 9, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
9: for_each = each.value.criteria
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “criteria”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 9, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
9: for_each = each.value.criteria
├────────────────
│ each.value is “appgw”

Can’t access attributes on a primitive-typed value (string).

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 9, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
9: for_each = each.value.criteria
├────────────────
│ each.value is object with 1 attribute “1”

This object does not have an attribute named “criteria”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 9, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
9: for_each = each.value.criteria
├────────────────
│ each.value is object with no attributes

This object does not have an attribute named “criteria”.

Error: Unsupported attribute

on modules\azurerm-monitor-activity-log-alert\main.tf line 9, in resource “azurerm_monitor_activity_log_alert” “monitor_activity_log_alert”:
9: for_each = each.value.criteria
├────────────────
│ each.value is “appag-totaltime-alert”

Can’t access attributes on a primitive-typed value (string).

I’ve taken a look at the module.main.tf file and the criteria block is there, and the main.tf says to create them from the module, and the main terraform.tf contains what I think is all the fields for the criteria block - but I’m not any further along in getting past the errors (Or I just can’t see where).

Any advice or pointers would be grateful!