Merge branch 'main' into post-1.25-tests

ministryofjustice · Nov 20, 2023 · 0807612 · 0807612
2 parents 9ec65ac + 41318e0
commit 0807612
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 7 deletions.
diff --git a/terraform/aws-accounts/cloud-platform-aws/vpc/eks/components/components.tf b/terraform/aws-accounts/cloud-platform-aws/vpc/eks/components/components.tf
@@ -179,7 +179,7 @@ module "monitoring" {
 }
 
 module "gatekeeper" {
-  source     = "github.com/ministryofjustice/cloud-platform-terraform-gatekeeper?ref=1.9.1"
+  source     = "github.com/ministryofjustice/cloud-platform-terraform-gatekeeper?ref=1.9.2"
   depends_on = [module.monitoring, module.modsec_ingress_controllers_v1, module.cert_manager]
 
   dryrun_map = {
@@ -234,7 +234,7 @@ module "velero" {
 }
 
 module "kuberhealthy" {
-  source = "github.com/ministryofjustice/cloud-platform-terraform-kuberhealthy?ref=1.2.8"
+  source = "github.com/ministryofjustice/cloud-platform-terraform-kuberhealthy?ref=1.2.9"
 
   dependence_prometheus = module.monitoring.prometheus_operator_crds_status
 }

diff --git a/terraform/aws-accounts/cloud-platform-ephemeral-test/account/kibana-alerts.tf b/terraform/aws-accounts/cloud-platform-ephemeral-test/account/kibana-alerts.tf
@@ -122,7 +122,7 @@ resource "elasticsearch_opensearch_monitor" "psa_violations" {
       {
          "search": {
             "indices": [
-               "live-kubernetes-*"
+               "live_kubernetes_cluster*"
             ],
             "query": {
                "size": 0,

diff --git a/terraform/global-resources/kibana-alerts.tf b/terraform/global-resources/kibana-alerts.tf
@@ -122,7 +122,7 @@ resource "elasticsearch_opensearch_monitor" "psa_violations" {
       {
          "search": {
             "indices": [
-               "live-kubernetes-*"
+               "live_kubernetes_cluster*"
             ],
             "query": {
                "size": 0,
@@ -132,6 +132,18 @@ resource "elasticsearch_opensearch_monitor" "psa_violations" {
                      "adjust_pure_negative": true,
                      "boost": 1,
                      "filter": [
+                        {
+                           "range": {
+                              "@timestamp": {
+                                 "boost": 1,
+                                 "from": "{{period_end}}||-10m",
+                                 "to": "{{period_end}}",
+                                 "include_lower": true,
+                                 "include_upper": true,
+                                 "format": "epoch_millis"
+                              }
+                           }
+                        },
                         {
                             "multi_match": {
                               "type": "phrase",
@@ -190,15 +202,15 @@ resource "elasticsearch_opensearch_monitor" "psa_violations" {
                "destination_id": "${elasticsearch_opensearch_destination.cloud_platform_alerts.id}",
                "throttle_enabled": true,
                "throttle": {
-                  "value": 60,
+                  "value": 1440,
                   "unit": "MINUTES"
                },
                "message_template": {
-                  "source": "Monitor {{ctx.monitor.name}} just entered alert status. Please investigate the issue.\n- Trigger: {{ctx.trigger.name}}\n- Severity: {{ctx.trigger.severity}}\n- Period start: {{ctx.periodStart}}\n- Period end: {{ctx.periodEnd}}\n- Contact the user to rectify.",
+                  "source": "Search \"violates PodSecurity\" on Kibana and investigate the affected namespaces.\nContact the user to rectify.",
                   "lang": "mustache"
                },
                "subject_template": {
-                  "source": "PodSecurity Violations found",
+                  "source": "One or more namespaces have PodSecurity Violations in the past 10 minutes.",
                   "lang": "mustache"
                }
             }