我正在尝试使用terraform提醒KMS密钥删除。我有一个基于日志的度量、一个策略和一个到PagerDuty的通知通道。然而,这一切都有效,在警报触发后,它很快就会清除,我似乎无法阻止这种情况。这是我的代码:
resource "google_logging_metric" "logging_metric" {
name = "kms-key-pending-deletion"
description = "Logging metric used to alert on scheduled deletions of KMS keys"
filter = "resource.type=cloudkms_cryptokeyversion AND protoPayload.methodName=DestroyCryptoKeyVersion"
metric_descriptor {
metric_kind = "DELTA"
value_type = "INT64"
unit = "1"
display_name = "kms-key-pending-deletion-metric-descriptor"
}
}
resource "google_monitoring_notification_channel" "pagerduty_alerts" {
display_name = "pagerduty-notification-channel"
type = "pagerduty"
sensitive_labels {
service_key = var.token
}
}
resource "google_monitoring_alert_policy" "kms_key_deletion_alert_policy" {
display_name = "kms-key-deletion-alert-policy"
combiner = "OR"
notification_channels = [google_monitoring_notification_channel.pagerduty_alerts.name]
conditions {
display_name = "kms-key-deletion-alert-policy-conditions"
condition_threshold {
comparison = "COMPARISON_GT"
duration = "300s"
filter = "metric.type="logging.googleapis.com/user/kms-key-pending-deletion" AND resource.type="global""
threshold_value = "0"
}
}
documentation {
content = "Runbook: https://blah"
}
}
在GCP GUI中;事件结束时通知";它会停止清除警报。但是我不能通过地形来设置。我已经尝试将alert_strategy.auto_close设置为null和0s,但这不起作用:
alert_strategy {
auto_close = "0s"
# auto_close = null
}
在地形中构建策略时,如何保持警报活动并阻止其清除?我使用的资源类型正确吗?-我应该使用cloudkms.cryptoKey.state吗;DESTROY_SCHEDULED";不知怎么的?
对于其他想要找到答案的人:
API中缺少保持警报打开并且不允许其自动关闭的需要。此处跟踪问题:https://issuetracker.google.com/issues/151052441?pli=1