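I have the following Terraform configuration file (alerts.tf), which is intended to set up Azure Monitor alerts and action groups in each of our environments. For this example I have limited the number of environments to just 3: Sandbox, Dev and Test.
Using a for_each loop, an additional Terraform configuration file (main.tf) calls the alerts.tf configuration to provision the resources in each environment.
The whole solution is implemented through an Azure DevOps (ADO) pipeline, with each environment set up as an ADO pipeline "stage", and this is where we are facing a problem.
If the pipeline is triggered without any additional pipeline configuration, it iterates over the alerts.tf configuration and successfully provisions the resources in all 3 environments. However, if I choose to deploy only to the DEV environment, for example, the pipeline fails with an error message similar to the following: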
Error: Invalid index
local.monitor_alerts is object with one attribute "SANDBOX"
environment is "DEV"
The given key does not identify an element in this collection value.
Any ideas or suggestions on how to resolve this error?
[[alerts.tf]]
locals {
  alerts_resource_group = "rg-resources"
}
locals {
  monitor_alert_webhook_service_name = "apply"
  monitor_alerts = {
    SANDBOX = {
      apply_sys_failure = {
        alert_type = "metric"
        name = "service-alert-failure"
        resource_group_name = var.rg-monitor-alerts
        location = var.location
        description = "Sandbox - One or more API calls to the backend service have failed"
        scopes = [data.azurerm_application_insights.service_app_insights.id]
        auto_mitigation_enabled = false
        enabled = true
        evaluation_frequency = "PT1M"
        window_duration = "PT5M"
        severity = 1
        target_resource_type = "Microsoft.Insights/components"
        skip_query_validation = "false"
        criteria = [
          {
            metric_namespace = "Azure.ApplicationInsights"
            metric_name = "SubmitOrder Failures"
            aggregation = "Count"
            operator = "GreaterThan"
            threshold = 0
            skip_metric_validation = false
          }
        ]
        action = [
          {
            action_group_id = try(module.azurerm_monitor_action_group["rg_engineers"].action_group.id, "")
            webhook_properties = {
              service = local.monitor_alert_webhook_service_name
            }
          }
        ]
      }
    }
    DEV = {
      apply_sys_failure = {
        alert_type = "metric"
        name = "service-alert-failure"
        resource_group_name = var.rg-monitor-alerts
        location = var.location
        description = "Dev - One or more API calls to the backend service have failed"
        scopes = [data.azurerm_application_insights.service_app_insights.id]
        auto_mitigation_enabled = false
        enabled = true
        evaluation_frequency = "PT1M"
        window_duration = "PT5M"
        severity = 1
        target_resource_type = "Microsoft.Insights/components"
        skip_query_validation = "false"
        criteria = [
          {
            metric_namespace = "Azure.ApplicationInsights"
            metric_name = "SubmitOrder Failures"
            aggregation = "Count"
            operator = "GreaterThan"
            threshold = 0
            skip_metric_validation = false
          }
        ]
        action = [
          {
            action_group_id = try(module.azurerm_monitor_action_group["rg_engineers"].action_group.id, "")
            webhook_properties = {
              service = local.monitor_alert_webhook_service_name
            }
          }
        ]
      }
    }
    TEST = {
      apply_sys_failure = {
        alert_type = "metric"
        name = "service-alert-failure"
        resource_group_name = var.rg-monitor-alerts
        location = var.location
        description = "TEST - One or more API calls to the backend service have failed"
        scopes = [data.azurerm_application_insights.service_app_insights.id]
        auto_mitigation_enabled = false
        enabled = true
        evaluation_frequency = "PT1M"
        window_duration = "PT5M"
        severity = 1
        target_resource_type = "Microsoft.Insights/components"
        skip_query_validation = "false"
        criteria = [
          {
            metric_namespace = "Azure.ApplicationInsights"
            metric_name = "SubmitOrder Failures"
            aggregation = "Count"
            operator = "GreaterThan"
            threshold = 0
            skip_metric_validation = false
          }
        ]
        action = [
          {
            action_group_id = try(module.azurerm_monitor_action_group["rg_engineers"].action_group.id, "")
            webhook_properties = {
              service = local.monitor_alert_webhook_service_name
            }
          }
        ]
      }
    }
  }
  monitor_action_groups = {
    SANDBOX = {
      rg_engineers = {
        name = "acg-rg-engineers"
        resource_group_name = local.alerts_resource_group
        short_name = "RgEng"
        enabled = true
        email_receiver = [
          {
            name = "Incidents Mailbox"
            email_address = "[email protected]"
          }
        ]
      }
    }
    DEV = {
      rg_engineers = {
        name = "acg-rg-engineers"
        resource_group_name = local.alerts_resource_group
        short_name = "RgEng"
        enabled = true
        email_receiver = [
          {
            name = "Incidents Mailbox"
            email_address = "[email protected]"
          }
        ]
      }
    }
    TEST = {
      rg_engineers = {
        name = "acg-rg-engineers"
        resource_group_name = local.alerts_resource_group
        short_name = "RgEng"
        enabled = true
        email_receiver = [
          {
            name = "Incidents Mailbox"
            email_address = "[email protected]"
          }
        ]
      }
    }
  }
[[ main.tf ]]
# Create Alerts
module "azurerm_monitor_alert" {
  source = "git::https://[ADO-URL]/_git/module-tf-azurerm-monitor-alert"
  for_each = local.monitor_alerts
  alert = each.value
  resource_group_name = each.value.resource_group_name
  tags = var.tags
  depends_on = [
    local.alerts_resource_group
  ]
}
# Create Action Groups
module "azurerm_monitor_action_group" {
  source = "git::https://[ADO-URL]/_git/module-tf-azurerm-monitor-alert"
  for_each = local.monitor_alerts
  action_group = each.value
  resource_group_name = each.value.resource_group_name
  tags = var.tags
  depends_on = [
    local.alerts_resource_group
  ]
}
}
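Many thanks, and much appreciation for all the prompt feedback. Fortunately, it turns out the whole Terraform configuration was actually correct... well, almost all of it!
What happened was that, in the locals.monitor_alerts code block, a stray closing brace } had crept into the SANDBOX section, so everything after it (i.e. the remaining environments) fell outside the scope of monitor_alerts.
Removing the closing brace resolved the issue, so I can now trigger the pipeline with any single stage selected as the target environment and deploy only to that environment, as expected. If I also want to deploy sequentially to several or all of the other environments, that is achievable too.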
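A guard for the failure described above, added here as an example and not part of the original post or its configuration: it fails the plan with the names of any environments missing from the per-environment maps, so a misplaced brace is reported by name. It assumes Terraform 1.4 or later (for `terraform_data`) and that the stage's target is passed as `var.environment`; that variable name and the guard's resource name are hypothetical.

```hcl
# Assumption: the pipeline stage passes its target as var.environment
# (the variable name is hypothetical; the error text only shows "environment").
variable "environment" {
  type        = string
  description = "Target environment selected by the pipeline stage."

  validation {
    condition     = contains(["SANDBOX", "DEV", "TEST"], var.environment)
    error_message = "The environment value must be one of SANDBOX, DEV or TEST."
  }
}

locals {
  # Every per-environment map must carry a key for each of these.
  expected_environments = toset(["SANDBOX", "DEV", "TEST"])

  # Expected keys that are absent, for example because a misplaced "}"
  # closed the map early and left later environments outside it.
  missing_alert_environments = setsubtract(
    local.expected_environments, keys(local.monitor_alerts)
  )
  missing_action_group_environments = setsubtract(
    local.expected_environments, keys(local.monitor_action_groups)
  )
}

# Guard resource (hypothetical name): creates nothing in Azure, but its
# preconditions fail the plan and name the missing environment keys.
resource "terraform_data" "environment_map_guard" {
  lifecycle {
    precondition {
      condition     = length(local.missing_alert_environments) == 0
      error_message = "local.monitor_alerts is missing: ${join(", ", tolist(local.missing_alert_environments))}"
    }
    precondition {
      condition     = length(local.missing_action_group_environments) == 0
      error_message = "local.monitor_action_groups is missing: ${join(", ", tolist(local.missing_action_group_environments))}"
    }
  }
}
```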