diff --git a/deploy/api-gateway.tf b/deploy/api-gateway.tf
index 3fcf08b4b39b3039833592c07785adbb94a9e286..91282bd347286a8d5acf8003a2a4a2e7bf6fc672 100644
--- a/deploy/api-gateway.tf
+++ b/deploy/api-gateway.tf
@@ -88,28 +88,10 @@ resource "aws_api_gateway_stage" "main" { tags = local.common_tags } -resource "aws_api_gateway_account" "apigw" { - cloudwatch_role_arn = aws_iam_role.cloudwatch.arn -} - -resource "aws_iam_role" "cloudwatch" { - name = "${local.prefix}-api_gateway_cloudwatch_global" - - assume_role_policy = file("./templates/api-gateway/assume-role-policy.json") -} - -resource "aws_iam_role_policy" "cloudwatch" { - name = "${local.prefix}-default" - role = aws_iam_role.cloudwatch.id - - policy = file("./templates/api-gateway/cloud-watch-policy.json") -} - resource "aws_api_gateway_method_settings" "general_settings" { rest_api_id = aws_api_gateway_rest_api.main.id stage_name = aws_api_gateway_stage.main.stage_name method_path = "*/*" - depends_on = [aws_api_gateway_account.apigw] settings { # Enable CloudWatch logging and metrics
diff --git a/deploy/cloudwatch_alarms.tf b/deploy/cloudwatch_alarms.tf
new file mode 100644
index 0000000000000000000000000000000000000000..31f47aeb03b6cfce2c598bcfcc694fdee27f587d
--- /dev/null
+++ b/deploy/cloudwatch_alarms.tf
@@ -0,0 +1,46 @@
+data "aws_sns_topic" "cloudmon" {
+ name = "edebrye-cloudmon"
+}
+
+resource "aws_cloudwatch_metric_alarm" "lambda_throttles_alarm" {
+ for_each = local.lambdas
+
+ alarm_name = "${local.prefix}-${each.key}-throttle-alarm"
+ alarm_description = "Alert staff when throttles occurs on cloud-monitor project's lambdas."
+ comparison_operator = "GreaterThanOrEqualToThreshold"
+ evaluation_periods = 1
+ period = 300
+ threshold = 1
+ namespace = "AWS/Lambda"
+ statistic = "Sum"
+ alarm_actions = [data.aws_sns_topic.cloudmon.arn]
+ ok_actions = [data.aws_sns_topic.cloudmon.arn]
+ metric_name = "Throttles"
+
+ dimensions = {
+ FunctionName = aws_lambda_function.crud[each.key].function_name
+ }
+ tags = local.common_tags
+}
+
+
+resource "aws_cloudwatch_metric_alarm" "lambda_error_alarm" {
+ for_each = local.lambdas
+
+ alarm_name = "${local.prefix}-${each.key}-error-alarm"
+ alarm_description = "Alert staff when errors occurs on cloud-monitor project's lambdas."
+ comparison_operator = "GreaterThanOrEqualToThreshold"
+ evaluation_periods = 1
+ period = 300
+ threshold = 1
+ namespace = "AWS/Lambda"
+ statistic = "Sum"
+ alarm_actions = [data.aws_sns_topic.cloudmon.arn]
+ ok_actions = [data.aws_sns_topic.cloudmon.arn]
+ metric_name = "Errors"
+
+ dimensions = {
+ FunctionName = aws_lambda_function.crud[each.key].function_name
+ }
+ tags = local.common_tags
+}
\ No newline at end of file
diff --git a/deploy/templates/api-gateway/assume-role-policy.json b/deploy/templates/api-gateway/assume-role-policy.json
deleted file mode 100644
index 317b2bfeed4dc55f2b821c09855f8f16ee10ae4e..0000000000000000000000000000000000000000
--- a/deploy/templates/api-gateway/assume-role-policy.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "",
- "Effect": "Allow",
- "Principal": {
- "Service": "apigateway.amazonaws.com"
- },
- "Action": "sts:AssumeRole"
- }
- ]
- }
\ No newline at end of file
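Review bot: Neither alarm added in deploy/cloudwatch_alarms.tf sets `treat_missing_data`, so the provider default (`missing`) applies to both `lambda_throttles_alarm` and `lambda_error_alarm`. A function with no invocations in a 300-second period publishes no Errors or Throttles datapoints, so after firing the alarm is likely to move to INSUFFICIENT_DATA rather than OK, and the `ok_actions` notification may never reach the topic. Adding `treat_missing_data = "notBreaching"` to both resources would make quiet periods count as healthy. Separately, the topic name `"edebrye-cloudmon"` is hard-coded in the data source; if this stack is applied in more than one account or environment, a variable would make explicit which topic receives the alerts, and a comment should say that the topic must already exist and allow CloudWatch to publish to it.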
diff --git a/deploy/templates/api-gateway/cloud-watch-policy.json b/deploy/templates/api-gateway/cloud-watch-policy.json
deleted file mode 100644
index d93eb7890a3fd5e9c1a169e6bfb857086c9c3a40..0000000000000000000000000000000000000000
--- a/deploy/templates/api-gateway/cloud-watch-policy.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "Version": "2012-10-17",
- "Statement": [
- {
- "Effect": "Allow",
- "Action": [
- "logs:CreateLogGroup",
- "logs:CreateLogStream",
- "logs:DescribeLogGroups",
- "logs:DescribeLogStreams",
- "logs:PutLogEvents",
- "logs:GetLogEvents",
- "logs:FilterLogEvents"
- ],
- "Resource": "*"
- }
- ]
-}
\ No newline at end of file