From 590d87776eae91ff76352d226e6a3e0c1212aa11 Mon Sep 17 00:00:00 2001
From: Ash Davies <3853061+DrizzlyOwl@users.noreply.github.com>
Date: Mon, 16 Oct 2023 12:35:39 +0100
Subject: [PATCH] Added Statuscake TLS Monitor
* This will allow us to get Slack alerts as the day of expiry approaches
---
terraform/README.md | 2 ++
terraform/locals.tf | 2 ++
terraform/statuscake-tls-monitor.tf | 12 ++++++++++++
terraform/variables.tf | 6 ++++++
4 files changed, 22 insertions(+)
create mode 100644 terraform/statuscake-tls-monitor.tf
diff --git a/terraform/README.md b/terraform/README.md
index 3783e98ef..9a071fd3a 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -141,6 +141,7 @@ If everything looks good, answer `yes` and wait for the new infrastructure to be
|------|--------|---------|
| [azure\_container\_apps\_hosting](#module\_azure\_container\_apps\_hosting) | github.com/DFE-Digital/terraform-azurerm-container-apps-hosting | v1.1.0 |
| [azurerm\_key\_vault](#module\_azurerm\_key\_vault) | github.com/DFE-Digital/terraform-azurerm-key-vault-tfvars | v0.2.1 |
+| [statuscake-tls-monitor](#module\_statuscake-tls-monitor) | github.com/dfe-digital/terraform-statuscake-tls-monitor | v0.1.0 |
## Resources
@@ -201,6 +202,7 @@ If everything looks good, answer `yes` and wait for the new infrastructure to be
| [project\_name](#input\_project\_name) | Project name. Will be used along with `environment` as a prefix for all resources. | `string` | n/a | yes |
| [redis\_cache\_capacity](#input\_redis\_cache\_capacity) | Redis Cache Capacity | `number` | n/a | yes |
| [redis\_cache\_sku](#input\_redis\_cache\_sku) | Redis Cache SKU | `string` | n/a | yes |
+| [statuscake\_api\_token](#input\_statuscake\_api\_token) | API token for StatusCake | `string` | n/a | yes |
| [tags](#input\_tags) | Tags to be applied to all resources | `map(string)` | n/a | yes |
| [tfvars\_filename](#input\_tfvars\_filename) | tfvars filename. This file is uploaded and stored encrypted within Key Vault, to ensure that the latest tfvars are stored in a shared place. | `string` | n/a | yes |
| [virtual\_network\_address\_space](#input\_virtual\_network\_address\_space) | Virtual network address space CIDR | `string` | n/a | yes |
diff --git a/terraform/locals.tf b/terraform/locals.tf
index 4974067ff..656eff213 100644
--- a/terraform/locals.tf
+++ b/terraform/locals.tf
@@ -49,4 +49,6 @@ locals {
key_vault_access_users = var.key_vault_access_users
key_vault_access_ipv4 = var.key_vault_access_ipv4
tfvars_filename = var.tfvars_filename
+ statuscake_api_token = var.statuscake_api_token
+ statuscake_monitored_resource_address = "https://${local.dns_zone_domain_name}${monitor_endpoint_healthcheck}"
}
diff --git a/terraform/statuscake-tls-monitor.tf b/terraform/statuscake-tls-monitor.tf
new file mode 100644
index 000000000..157713982
--- /dev/null
+++ b/terraform/statuscake-tls-monitor.tf
@@ -0,0 +1,12 @@
+module "statuscake-tls-monitor" {
+ source = "github.com/dfe-digital/terraform-statuscake-tls-monitor?ref=v0.1.0"
+
+ statuscake_api_token = local.statuscake_api_token
+ statuscake_monitored_resource_address = local.statuscake_monitored_resource_address
+ statuscake_alert_at = [ # days to alert on
+ 60, 30, 14, 7, 3, 1
+ ]
+ statuscake_contact_group_name = "Find Information About Academies And Trusts"
+ statuscake_contact_group_email_addresses = local.monitor_email_receivers
+ statuscake_contact_group_integrations = ["53598"]
+}
diff --git a/terraform/variables.tf b/terraform/variables.tf
index a777182c4..c1f88a991 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -277,3 +277,9 @@ variable "tfvars_filename" {
description = "tfvars filename. This file is uploaded and stored encrypted within Key Vault, to ensure that the latest tfvars are stored in a shared place."
type = string
}
+
+variable "statuscake_api_token" {
+ description = "API token for StatusCake"
+ type = string
+ sensitive = true
+}