Skip to content

IPS-668: Alert for Verify Failed access token generation and retrieval #66

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
madankaruppiah wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

IPS-668: Alert for Verify Failed access token generation and retrieval #66

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c56ddb5
IPS-668: Alert for Verify Failed access token generation and retrieval
madankaruppiah Apr 11, 2024
5bcb414
Added BearerTokenRetrievalStateMachineLogGroup as a placeholder for L…
madankaruppiah Apr 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
163 changes: 162 additions & 1 deletion infrastructure/template.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1017,7 +1017,168 @@ Resources:
MetricNamespace: otg-hmrc-service
MetricName: FailTokenGenerationMetric

# BackEnd5xxAlarms
VerifyFailedAccessTokenGenerationMessageCodeMetricFilter:
Type: AWS::Logs::MetricFilter
Condition: "DeployAlarms"
Properties:
LogGroupName: !Ref BearerTokenRetrievalStateMachineLogGroup #Added the log group as a placeholder
FilterPattern: "{ $.messageCode =* }"
MetricTransformations:
- MetricValue: "1"
MetricNamespace: !Sub "${AWS::StackName}/LogMessages"
MetricName: "VerifyAccessTokenGeneration-messageCode"
Dimensions:
- Key: MessageCode
Value: $.messageCode

VerifyFailedAccessTokenGenerationLowThresholdAlarm:
DependsOn:
- "VerifyFailedAccessTokenGenerationMessageCodeMetricFilter"
Type: AWS::CloudWatch::Alarm
Condition: DeployAlarms
Properties:
AlarmName: !Sub "${AWS::StackName}-VerifyFailedAccessTokenGenerationAlarm"
AlarmDescription: !Sub "There has been an error generatingthe acces token. ${SupportManualURL}"
ActionsEnabled: true
OKActions:
- !ImportValue platform-alarm-warning-alert-topic
AlarmActions:
- !ImportValue platform-alarm-warning-alert-topic
InsufficientDataActions: [ ]
Dimensions: [ ]
EvaluationPeriods: 1
DatapointsToAlarm: 1
Threshold: 1
ComparisonOperator: GreaterThanOrEqualToThreshold
TreatMissingData: notBreaching
Metrics:
- Id: error
ReturnData: true
MetricStat:
Metric:
Namespace: !Sub "${AWS::StackName}/LogMessages"
MetricName: VerifyAccessTokenGeneration-messageCode
Dimensions:
- Name: MessageCode
Value: EVENT_PLACEHOLDER
Period: 60
Stat: Sum

VerifyFailedAccessTokenGenerationCriticalAlarm:
DependsOn:
- "VerifyFailedAccessTokenGenerationMessageCodeMetricFilter"
Type: AWS::CloudWatch::Alarm
Condition: DeployAlarms
Properties:
AlarmName: !Sub "${AWS::StackName}-VerifyFailedAccessTokenGenerationCriticalAlarm"
AlarmDescription: !Sub "There has been an error Generating the Access Token. ${SupportManualURL}"
ActionsEnabled: true
OKActions:
- !ImportValue platform-alarm-critical-alert-topic
AlarmActions:
- !ImportValue platform-alarm-critical-alert-topic
InsufficientDataActions: [ ]
Dimensions: [ ]
EvaluationPeriods: 1
DatapointsToAlarm: 1
Threshold: 10
ComparisonOperator: GreaterThanOrEqualToThreshold
TreatMissingData: notBreaching
Metrics:
- Id: error
ReturnData: true
MetricStat:
Metric:
Namespace: !Sub "${AWS::StackName}/LogMessages"
MetricName: VerifyAccessTokenGeneration-messageCode
Dimensions:
- Name: MessageCode
Value: EVENT_PLACEHOLDER
Period: 300
Stat: Sum

VerifyFailedAccessTokenRetrievalMessageCodeMetricFilter:
Type: AWS::Logs::MetricFilter
Condition: "DeployAlarms"
Properties:
LogGroupName: !Ref BearerTokenRetrievalStateMachineLogGroup #Added the log group as a placeholder
FilterPattern: "{ $.messageCode =* }"
MetricTransformations:
- MetricValue: "1"
MetricNamespace: !Sub "${AWS::StackName}/LogMessages"
MetricName: "VerifyAccessTokenRetrieval-messageCode"
Dimensions:
- Key: MessageCode
Value: $.messageCode

VerifyFailedAccessTokenRetrievalLowThresholdAlarm:
DependsOn:
- "VerifyFailedAccessTokenRetrievalMessageCodeMetricFilter"
Type: AWS::CloudWatch::Alarm
Condition: DeployAlarms
Properties:
AlarmName: !Sub "${AWS::StackName}-VerifyFailedAccessTokenRetrievalAlarm"
AlarmDescription: !Sub "There has been an error retrieving the acces token. ${SupportManualURL}"
ActionsEnabled: true
OKActions:
- !ImportValue platform-alarm-warning-alert-topic
AlarmActions:
- !ImportValue platform-alarm-warning-alert-topic
InsufficientDataActions: [ ]
Dimensions: [ ]
EvaluationPeriods: 1
DatapointsToAlarm: 1
Threshold: 1
ComparisonOperator: GreaterThanOrEqualToThreshold
TreatMissingData: notBreaching
Metrics:
- Id: error
ReturnData: true
MetricStat:
Metric:
Namespace: !Sub "${AWS::StackName}/LogMessages"
MetricName: VerifyAccessTokenRetrieval-messageCode
Dimensions:
- Name: MessageCode
Value: EVENT_PLACEHOLDER
Period: 60
Stat: Sum

VerifyFailedAccessTokenRetrievalCriticalAlarm:
DependsOn:
- "VerifyFailedAccessTokenRetrievalMessageCodeMetricFilter"
Type: AWS::CloudWatch::Alarm
Condition: DeployAlarms
Properties:
AlarmName: !Sub "${AWS::StackName}-VerifyFailedAccessTokenRetrievalCriticalAlarm"
AlarmDescription: !Sub "There has been an error Retrieving the Access Token. ${SupportManualURL}"
ActionsEnabled: true
OKActions:
- !ImportValue platform-alarm-critical-alert-topic
AlarmActions:
- !ImportValue platform-alarm-critical-alert-topic
InsufficientDataActions: [ ]
Dimensions: [ ]
EvaluationPeriods: 1
DatapointsToAlarm: 1
Threshold: 10
ComparisonOperator: GreaterThanOrEqualToThreshold
TreatMissingData: notBreaching
Metrics:
- Id: error
ReturnData: true
MetricStat:
Metric:
Namespace: !Sub "${AWS::StackName}/LogMessages"
MetricName: VerifyAccessTokenRetrieval-messageCode
Dimensions:
- Name: MessageCode
Value: EVENT_PLACEHOLDER
Period: 300
Stat: Sum

# BackEnd5xxAlarms

5XXErrorAlarm:
Type: AWS::CloudWatch::Alarm
Condition: DeployAlarms
Expand Down