diff --git a/CloudWatchAutoAlarms.yaml b/CloudWatchAutoAlarms.yaml index 9f011d3..879e686 100755 --- a/CloudWatchAutoAlarms.yaml +++ b/CloudWatchAutoAlarms.yaml @@ -146,6 +146,7 @@ Resources: Variables: ALARM_TAG: Create_Auto_Alarms CREATE_DEFAULT_ALARMS: true + SKIP_DEFAULT_ALARMS_TAG: Skip_Default_Alarms LOCAL_ACCOUNT_ID: !Ref AWS::AccountId CLOUDWATCH_NAMESPACE: CWAgent ALARM_CPU_HIGH_THRESHOLD: 75 diff --git a/src/actions.py b/src/actions.py index ca1e730..12edc0f 100755 --- a/src/actions.py +++ b/src/actions.py @@ -726,7 +726,7 @@ def delete_alarms(name, alarm_identifier, alarm_separator, region, account_id=No 'Error deleting alarms for {}!: {}'.format(name, e)) -def scan_and_process_alarm_tags(create_alarm_tag, default_alarms, metric_dimensions_map, sns_topic_arn, cw_namespace, create_default_alarms_flag, alarm_separator, alarm_identifier, region, account_id=None): +def scan_and_process_alarm_tags(create_alarm_tag, default_alarms, metric_dimensions_map, sns_topic_arn, cw_namespace, create_default_alarms_flag, skip_default_alarms_tag, alarm_separator, alarm_identifier, region, account_id=None): """ Scans EC2 instances and processes alarm tags. If an account ID is provided, assumes a cross-account role to access the EC2 client. @@ -752,10 +752,19 @@ def scan_and_process_alarm_tags(create_alarm_tag, default_alarms, metric_dimensi if instance["State"]["Code"] > 16: continue - if check_alarm_tag(instance["InstanceId"], create_alarm_tag, region, account_id): + has_create_alarm_tag = check_alarm_tag(instance["InstanceId"], create_alarm_tag, region, account_id) + create_instance_default_alarms_flag = create_default_alarms_flag + + if has_create_alarm_tag: + if create_instance_default_alarms_flag: + has_skip_default_alarms_tag = check_alarm_tag(instance["InstanceId"], skip_default_alarms_tag, region, account_id) + + if has_skip_default_alarms_tag: + create_instance_default_alarms_flag = False + process_alarm_tags(instance["InstanceId"], instance, default_filtered_alarms, wildcard_alarms, - metric_dimensions_map, sns_topic_arn, cw_namespace, create_default_alarms_flag, - alarm_separator, alarm_identifier, region, account_id) + metric_dimensions_map, sns_topic_arn, cw_namespace, create_instance_default_alarms_flag, + alarm_separator, alarm_identifier, region) except Exception as e: logger.error('Failure describing reservations: {}'.format(e)) diff --git a/src/cw_auto_alarms.py b/src/cw_auto_alarms.py index 4180285..0dca2fe 100755 --- a/src/cw_auto_alarms.py +++ b/src/cw_auto_alarms.py @@ -25,6 +25,7 @@ def lambda_handler(event, context): cw_namespace = getenv("CLOUDWATCH_NAMESPACE", "CWAgent") create_default_alarms_flag = getenv("CREATE_DEFAULT_ALARMS", "true").lower() + skip_default_alarms_tag = getenv("SKIP_DEFAULT_ALARMS_TAG", "Skip_Default_Alarms").lower() append_dimensions = getenv("CLOUDWATCH_APPEND_DIMENSIONS", 'InstanceId, ImageId, InstanceType') append_dimensions = [dimension.strip() for dimension in append_dimensions.split(',')] @@ -294,14 +295,14 @@ def lambda_handler(event, context): logger.info(f"Processing region {region}") # Call scan_and_process_alarm_tags for the account and region scan_and_process_alarm_tags(create_alarm_tag, default_alarms, metric_dimensions_map, sns_topic_arn, - cw_namespace, create_default_alarms_flag, alarm_separator, alarm_identifier, region, account_id) + cw_namespace, create_default_alarms_flag, skip_default_alarms_tag, alarm_separator, alarm_identifier, region, account_id) else: # Call scan_and_process_alarm_tags for single account for region in target_regions: logger.info(f"Processing region {region}") # Call scan_and_process_alarm_tags for the account and region scan_and_process_alarm_tags(create_alarm_tag, default_alarms, metric_dimensions_map, sns_topic_arn, - cw_namespace, create_default_alarms_flag, alarm_separator, alarm_identifier, region) + cw_namespace, create_default_alarms_flag, skip_default_alarms_tag, alarm_separator, alarm_identifier, region) except Exception as e: # If any other exceptions which we didn't expect are raised