diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
new file mode 100644
index 0000000..51d3a88
--- /dev/null
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,30 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/alpine
+{
+ "name": "devcontainer",
+ "image": "mcr.microsoft.com/vscode/devcontainers/base:ubuntu-22.04",
+ // Features to add to the dev container. More info: https://containers.dev/features.
+ "features": {
+ "ghcr.io/devcontainers/features/aws-cli:1": {
+ "version": "latest"
+ },
+ "ghcr.io/devcontainers-contrib/features/checkov:1": {
+ "version": "latest"
+ },
+ "ghcr.io/devcontainers/features/terraform:1": {
+ "version": "1.5.0",
+ "tflint": "0.47.0",
+ "installTFsec": "true",
+ "installTerraformDocs": "true"
+ },
+ "ghcr.io/devcontainers-contrib/features/pre-commit:2": {
+ "version": "latest"
+ },
+ "ghcr.io/devcontainers-contrib/features/terrascan:1": {
+ "version": "latest"
+ }
+ },
+ "shutdownAction": "stopContainer",
+ "postCreateCommand": {
+ "one": "tflint --init"
+ }}
diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..fb1586c
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,26 @@
+# EditorConfig helps developers define and maintain consistent coding styles between different editors and IDEs
+# For more information about the EditorConfig project, see http://editorconfig.org/
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+max_line_length = 80
+trim_trailing_whitespace = true
+
+# Indentation and spacing
+[*.tf]
+indent_style = space
+indent_size = 2
+
+[*.md]
+trim_trailing_whitespace = false
+
+# Ignore files generated by Terraform
+[*.tfstate]
+[*.tfstate.*]
+[*.tfvars]
+[*.tfvars.*]
diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml
new file mode 100644
index 0000000..1ec9c60
--- /dev/null
+++ b/.github/workflows/pr-checks.yml
@@ -0,0 +1,19 @@
+name: pr-checks
+on:
+ - pull_request
+
+permissions:
+ contents: read
+ issues: read
+ pull-requests: read
+ checks: read
+
+jobs:
+ check_pull_request_type:
+ name: Check for pull request type label
+ runs-on: ubuntu-latest
+ steps:
+ - uses: docker://agilepathway/pull-request-label-checker:latest
+ with:
+ one_of: bug,enhancement,documentation,security
+ repo_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/tf-module-actions.yml b/.github/workflows/tf-module-actions.yml
new file mode 100644
index 0000000..12e6ca4
--- /dev/null
+++ b/.github/workflows/tf-module-actions.yml
@@ -0,0 +1,22 @@
+name: tf-module-actions
+on:
+ - pull_request
+permissions:
+ contents: write
+ pull-requests: write
+ issues: write
+ checks: write
+jobs:
+ checks:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ ref: ${{ github.event.pull_request.head.ref }}
+ - name: Render terraform docs inside the README.md and push changes back to PR branch
+ uses: terraform-docs/gh-actions@v1.0.0
+ with:
+ working-dir: .,examples/01_default_configuration
+ output-file: README.md
+ output-method: inject
+ git-push: "true"
diff --git a/.github/workflows/tf-module-release.yml b/.github/workflows/tf-module-release.yml
new file mode 100644
index 0000000..f54cc1f
--- /dev/null
+++ b/.github/workflows/tf-module-release.yml
@@ -0,0 +1,28 @@
+name: Release
+
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - main
+jobs:
+ release:
+ name: Release
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ persist-credentials: false
+ fetch-depth: 0
+
+ - name: Release
+ uses: cycjimmy/semantic-release-action@v3
+ with:
+ semantic_version: 18.0.0
+ extra_plugins: |
+ @semantic-release/changelog@6.0.0
+ @semantic-release/git@10.0.0
+ conventional-changelog-conventionalcommits@4.6.3
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f63ef01
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,28 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Terraform lock files
+*.lock.hcl
+
+# Crash log files
+crash.log
+
+# Ignore override files as they are usually used to override resources locally and so are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# VSCode History plugin
+.history
+
+# Python virtual environment
+.venv
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..db118f6
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,33 @@
+repos:
+ - repo: https://github.com/antonbabenko/pre-commit-terraform
+ rev: v1.83.2
+ hooks:
+ - id: terraform_fmt
+ - id: terraform_validate
+ - id: terraform_docs
+ args:
+ - '--args=--lockfile=false'
+ - id: terraform_tflint
+ args:
+ - '--args=--only=terraform_deprecated_interpolation'
+ - '--args=--only=terraform_deprecated_index'
+ - '--args=--only=terraform_unused_declarations'
+ - '--args=--only=terraform_comment_syntax'
+ - '--args=--only=terraform_documented_outputs'
+ - '--args=--only=terraform_documented_variables'
+ - '--args=--only=terraform_typed_variables'
+ - '--args=--only=terraform_module_pinned_source'
+ - '--args=--only=terraform_naming_convention'
+ - '--args=--only=terraform_required_version'
+ - '--args=--only=terraform_required_providers'
+ - '--args=--only=terraform_standard_module_structure'
+ - '--args=--only=terraform_workspace_remote'
+ - id: terraform_checkov
+ args:
+ - --args=--quiet
+ - --args=--skip-check CKV_AWS_116,CKV_AWS_117,CKV_AWS_173,CKV_AWS_272
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.4.0
+ hooks:
+ - id: check-merge-conflict
+ - id: end-of-file-fixer
diff --git a/.releaserc.yml b/.releaserc.yml
new file mode 100644
index 0000000..0df2035
--- /dev/null
+++ b/.releaserc.yml
@@ -0,0 +1,71 @@
+branches:
+ - main
+
+ci: false
+
+plugins:
+ - "@semantic-release/commit-analyzer"
+ - "@semantic-release/release-notes-generator"
+ - "@semantic-release/github"
+
+verifyConditions:
+ - '@semantic-release/git'
+ - "@semantic-release/github"
+analyzeCommits:
+ - path: "@semantic-release/commit-analyzer"
+ releaseRules:
+ - type: "feat"
+ release: "patch"
+ - type: "hotfix"
+ release: "patch"
+ - type: "patch"
+ release: "patch"
+ - type: "minor"
+ release: "minor"
+ - type: "breaking"
+ release: "major"
+generateNotes:
+ - path: "@semantic-release/release-notes-generator"
+ writerOpts:
+ groupBy: "type"
+ commitGroupsSort:
+ - "feat"
+ - "perf"
+ - "fix"
+ commitsSort: "header"
+ types:
+ - type: "feat"
+ - section: "Features"
+ # Tracked bug fix with a hotfix branch
+ - type: "hotfix"
+ - section: "Bug Fixes"
+ # Uninmportent fix (CI testing, etc)
+ - type: "fix"
+ - hidden: true
+ - type: "chore"
+ - hidden: true
+ - type: "docs"
+ - hidden: true
+ - type: "doc"
+ - hidden: true
+ - type: "style"
+ - hidden: true
+ - type: "refactor"
+ - hidden: true
+ - type: "perf"
+ - hidden: true
+ - type: "test"
+ - hidden: true
+ presetConfig: true
+prepare:
+ - path: "@semantic-release/git"
+ - path: "@semantic-release/changelog"
+ changelogFile: "docs/CHANGELOG.md"
+publish:
+ - path: "@semantic-release/github"
+
+success:
+ - "@semantic-release/github"
+
+fail:
+ - "@semantic-release/github"
diff --git a/.terraform-docs.yaml b/.terraform-docs.yaml
new file mode 100644
index 0000000..81e5405
--- /dev/null
+++ b/.terraform-docs.yaml
@@ -0,0 +1,8 @@
+formatter: "markdown table"
+sort:
+ enabled: true
+ by: name
+
+output:
+ file: README.md
+ mode: inject
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..46f6807
--- /dev/null
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,132 @@
+
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+ and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall
+ community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or advances of
+ any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email address,
+ without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..2a4488b
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,35 @@
+# Contributing to Terraform AWS MSK Status Monitor
+
+Thank you for considering contributing to Terraform AWS MSK Status Monitor! We
+welcome all contributions, big or small.
+
+## Getting Started
+
+To get started, follow these steps:
+
+1. Fork the repository.
+2. Clone the forked repository to your local machine.
+3. Create a new branch for your changes.
+4. Make your changes and commit them.
+5. Push your changes to your forked repository.
+6. Open a pull request to the original repository.
+
+## Code Style
+
+Please follow the existing code style in the project.
+
+## Testing
+
+Before submitting a pull request, please make sure that your changes pass all existing tests and add any new tests as necessary.
+
+## Issue Tracker
+
+If you find any bugs or have any feature requests, please open an issue on the [issue tracker](https://github.com/stefanfreitag/terraform-aws-msk-status-monitor/issues).
+
+## Code of Conduct
+
+Please note that we have a [Code of Conduct](https://github.com/stefanfreitag/terraform-aws-msk-status-monitor/blob/main/CODE_OF_CONDUCT.md) in place to ensure that our community is welcoming and inclusive to all.
+
+## License
+
+By contributing to this project, you agree to license your contributions under the Apache-2.0 license.
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..d645695
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,202 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/README.md b/README.md
index 37008fd..9281459 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# terraform-aws-fsx-health
+# terraform-aws-msk-health
[](https://releases.hashicorp.com/terraform/)
[](https://opensource.org/licenses/Apache-2.0)
@@ -11,6 +11,7 @@ This module deploys a Lambda function that checks the health of MSK cluster and
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0 |
+| [archive](#requirement\_archive) | 2.4.0 |
| [aws](#requirement\_aws) | >= 5.0 |
| [random](#requirement\_random) | >=3.5.1 |
@@ -18,7 +19,7 @@ This module deploys a Lambda function that checks the health of MSK cluster and
| Name | Version |
|------|---------|
-| [archive](#provider\_archive) | n/a |
+| [archive](#provider\_archive) | 2.4.0 |
| [aws](#provider\_aws) | >= 5.0 |
| [random](#provider\_random) | >=3.5.1 |
@@ -30,14 +31,18 @@ No modules.
| Name | Type |
|------|------|
+| [aws_cloudwatch_event_rule.msk_health_lambda_schedule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |
+| [aws_cloudwatch_event_target.msk_health_lambda_target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |
+| [aws_cloudwatch_log_group.msk_health_lambda_log_groups](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
| [aws_iam_policy.msk_health_lambda_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_iam_role.msk_health_lambda_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy_attachment.msk_health_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_lambda_function.terraform_lambda_func](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
+| [aws_lambda_function.msk_health_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
+| [aws_lambda_permission.allow_cw_call_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
| [aws_sns_topic.msk_health_sns_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |
| [aws_sns_topic_subscription.msk_health_sns_topic_email_target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource |
| [random_id.id](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
-| [archive_file.status_checker_code](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |
+| [archive_file.status_checker_code](https://registry.terraform.io/providers/hashicorp/archive/2.4.0/docs/data-sources/file) | data source |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
@@ -46,6 +51,7 @@ No modules.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [email](#input\_email) | List of e-mail addresses subscribing to the SNS topic. Default is empty list. | `list(string)` | `[]` | no |
+| [schedule\_expression](#input\_schedule\_expression) | The schedule expression for the CloudWatch event rule. Default is 'rate(15 minutes)'. | `string` | `"rate(15 minutes)"` | no |
| [tags](#input\_tags) | A map of tags to add to all resources. Default is empty map. | `map(string)` | `{}` | no |
## Outputs
diff --git a/data.tf b/data.tf
new file mode 100644
index 0000000..361d68d
--- /dev/null
+++ b/data.tf
@@ -0,0 +1,12 @@
+# AWS account information
+data "aws_caller_identity" "current" {}
+
+# AWS region information
+data "aws_region" "current" {}
+
+
+data "archive_file" "status_checker_code" {
+ type = "zip"
+ source_dir = "${path.module}/functions/check-msk-status/"
+ output_path = "${path.module}/python/hello-python.zip"
+}
diff --git a/examples/01_default_configuration/README.md b/examples/01_default_configuration/README.md
new file mode 100644
index 0000000..8ceb592
--- /dev/null
+++ b/examples/01_default_configuration/README.md
@@ -0,0 +1,30 @@
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | ~>1.5 |
+| [aws](#requirement\_aws) | ~>5.0 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [msk\_monitor](#module\_msk\_monitor) | ../.. | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+
\ No newline at end of file
diff --git a/examples/01_default_configuration/main.tf b/examples/01_default_configuration/main.tf
new file mode 100644
index 0000000..754cf3d
--- /dev/null
+++ b/examples/01_default_configuration/main.tf
@@ -0,0 +1,6 @@
+module "msk_monitor" {
+ source = "../.."
+ tags = {
+ "Name" = "msk-monitor"
+ }
+}
diff --git a/examples/01_default_configuration/provider.tf b/examples/01_default_configuration/provider.tf
new file mode 100644
index 0000000..e69de29
diff --git a/examples/01_default_configuration/variables.tf b/examples/01_default_configuration/variables.tf
new file mode 100644
index 0000000..e69de29
diff --git a/examples/01_default_configuration/versions.tf b/examples/01_default_configuration/versions.tf
new file mode 100644
index 0000000..618c4f4
--- /dev/null
+++ b/examples/01_default_configuration/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_version = "~>1.5"
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~>5.0"
+ }
+ }
+}
diff --git a/functions/check-msk-status/index.py b/functions/check-msk-status/index.py
new file mode 100644
index 0000000..0e5521d
--- /dev/null
+++ b/functions/check-msk-status/index.py
@@ -0,0 +1,37 @@
+import boto3
+import os
+
+def lambda_handler(event, context):
+ LAMBDASNSTOPIC = os.environ['SNS_TOPIC_ARN']
+ region = 'eu-central-1'
+ # Create an MSK client
+ client = boto3.client('kafka', region_name=region)
+ # Retrieve a list of clusters
+ response = client.list_clusters()
+ # Extract the cluster ARNs from the response
+ cluster_arns = response['ClusterInfoList']
+
+ for cluster in cluster_arns:
+ arn = cluster['ClusterArn']
+ response = client.describe_cluster(ClusterArn=arn)
+ status = response['ClusterInfo']['State']
+ sns_client = boto3.client('sns')
+
+ if status != 'ACTIVE':
+ print("The MSK cluster: {} needs attention.".format(arn))
+ sns_client.publish(TopicArn=LAMBDASNSTOPIC,
+ Message="MSK cluster: " + arn + " needs attention. The status is: " + status,
+ Subject="MSK Health Warning!")
+ else:
+ print(
+ "The MSK cluster: {} is in a healthy state, and is reachable and available for use.".format(
+ arn))
+
+ # Return the status
+ return {
+ 'statusCode': 200,
+ 'body': 'OK'
+ }
+
+if __name__ == '__main__':
+ lambda_handler(None, None)
diff --git a/functions/check-msk-status/requirements.txt b/functions/check-msk-status/requirements.txt
new file mode 100644
index 0000000..d8f08d5
--- /dev/null
+++ b/functions/check-msk-status/requirements.txt
@@ -0,0 +1,7 @@
+boto3==1.28.63
+botocore==1.31.63
+jmespath==1.0.1
+python-dateutil==2.8.2
+s3transfer==0.7.0
+six==1.16.0
+urllib3==2.0.6
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..77e477d
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,142 @@
+# A random identifier used for naming resources
+resource "random_id" "id" {
+ byte_length = 8
+}
+
+# The SNS topic to send notifications to
+resource "aws_sns_topic" "msk_health_sns_topic" {
+ name = "msk-health-topic-${random_id.id.hex}"
+ kms_master_key_id = "alias/aws/sns"
+ tags = var.tags
+}
+
+# SNS subscriptions
+resource "aws_sns_topic_subscription" "msk_health_sns_topic_email_target" {
+ for_each = toset(var.email)
+ topic_arn = aws_sns_topic.msk_health_sns_topic.arn
+ protocol = "email"
+ endpoint = each.value
+}
+
+# IAM role
+resource "aws_iam_role" "msk_health_lambda_role" {
+ name = "msk-health-lambda-role-${random_id.id.hex}"
+
+ assume_role_policy = <