From 75331038bee06d0cf8d0f0f6f8afc5ec6cfae92c Mon Sep 17 00:00:00 2001 From: cfln123 Date: Mon, 16 Sep 2024 18:35:52 -0300 Subject: [PATCH] Add support for insight metrics --- lib/cfnguardian/compile.rb | 8 +++++--- lib/cfnguardian/display_formatter.rb | 2 ++ lib/cfnguardian/models/alarm.rb | 2 ++ lib/cfnguardian/resources/base.rb | 2 +- lib/cfnguardian/stacks/resources.rb | 9 +++++---- 5 files changed, 15 insertions(+), 8 deletions(-) diff --git a/lib/cfnguardian/compile.rb b/lib/cfnguardian/compile.rb index c6c3a02..a6b2e85 100644 --- a/lib/cfnguardian/compile.rb +++ b/lib/cfnguardian/compile.rb @@ -190,9 +190,11 @@ def validate_resources() @resources.each do |resource| case resource.type when 'Alarm' - %w(metric_name namespace).each do |property| - if resource.send(property).nil? - @errors << "CfnGuardian::AlarmPropertyError - alarm #{resource.name} for resource #{resource.resource_id} has nil value for property #{property.to_camelcase}. This could be due to incorrect spelling of a default alarm name or missing property #{property.to_camelcase} on a new alarm." + if resource.metrics.nil? + %w(metric_name namespace).each do |property| + if resource.send(property).nil? + @errors << "CfnGuardian::AlarmPropertyError - alarm #{resource.name} for resource #{resource.resource_id} has nil value for property #{property.to_camelcase}. This could be due to incorrect spelling of a default alarm name or missing property #{property.to_camelcase} on a new alarm." + end end end when 'Check' diff --git a/lib/cfnguardian/display_formatter.rb b/lib/cfnguardian/display_formatter.rb index 7672a5d..e10c58e 100644 --- a/lib/cfnguardian/display_formatter.rb +++ b/lib/cfnguardian/display_formatter.rb @@ -20,6 +20,7 @@ def alarms() ['ResourceName', alarm.resource_name], ['Enabled', alarm.enabled], ['MetricName', alarm.metric_name], + ['Metrics', alarm.metrics], ['Dimensions', alarm.dimensions], ['Threshold', alarm.threshold], ['Period', alarm.period], @@ -60,6 +61,7 @@ def compare_alarms(metric_alarms) ['ResourceName', alarm.resource_name, alarm.resource_name], ['Enabled', alarm.enabled, true], ['MetricName', alarm.metric_name, metric_alarm.metric_name], + ['Metrics', alarm.metrics], ['Dimensions', alarm.dimensions, dimensions], ['Threshold', alarm.threshold.to_f, metric_alarm.threshold], ['Period', alarm.period, metric_alarm.period], diff --git a/lib/cfnguardian/models/alarm.rb b/lib/cfnguardian/models/alarm.rb index 6c6a12f..710c8ae 100644 --- a/lib/cfnguardian/models/alarm.rb +++ b/lib/cfnguardian/models/alarm.rb @@ -13,6 +13,7 @@ class BaseAlarm :metric_name, :namespace, :dimensions, + :metrics, :threshold, :period, :evaluation_periods, @@ -39,6 +40,7 @@ def initialize(resource) @metric_name = nil @namespace = nil @dimensions = nil + @metrics = nil @threshold = 0 @period = 60 @evaluation_periods = 1 diff --git a/lib/cfnguardian/resources/base.rb b/lib/cfnguardian/resources/base.rb index 5f440cc..c6d6505 100644 --- a/lib/cfnguardian/resources/base.rb +++ b/lib/cfnguardian/resources/base.rb @@ -112,7 +112,7 @@ def get_alarms(group,overides={}) # String interpolation for alarm dimensions @alarms.each do |alarm| - next if alarm.dimensions.nil? + next if alarm.dimensions.nil? || ! alarm.metrics.nil? alarm.dimensions.each do |k,v| if v.is_a?(String) && v.match?(/^\${Resource::.*[A-Za-z]}$/) resource_key = v.tr('${}', '').split('Resource::').last diff --git a/lib/cfnguardian/stacks/resources.rb b/lib/cfnguardian/stacks/resources.rb index 70462d8..eb4c2eb 100644 --- a/lib/cfnguardian/stacks/resources.rb +++ b/lib/cfnguardian/stacks/resources.rb @@ -40,13 +40,14 @@ def add_alarm(alarm) AlarmDescription "Guardian alarm #{alarm.name} for the resource #{alarm.resource_id} in alarm group #{alarm.group}" AlarmName CfnGuardian::CloudWatch.get_alarm_name(alarm) ComparisonOperator alarm.comparison_operator + Metrics alarm.metrics unless alarm.metrics.nil? Dimensions alarm.dimensions.map {|k,v| {Name: k, Value: v}} unless alarm.dimensions.nil? EvaluationPeriods alarm.evaluation_periods - Statistic alarm.statistic if alarm.extended_statistic.nil? - Period alarm.period + Statistic alarm.statistic if alarm.extended_statistic.nil? && alarm.metrics.nil? + Period alarm.period if alarm.metrics.nil? Threshold alarm.threshold - MetricName alarm.metric_name - Namespace alarm.namespace + MetricName alarm.metric_name if alarm.metrics.nil? + Namespace alarm.namespace if alarm.metrics.nil? AlarmActions actions OKActions actions TreatMissingData alarm.treat_missing_data unless alarm.treat_missing_data.nil?