diff --git a/src/aks-platform/02_aks.tf b/src/aks-platform/02_aks.tf
index 3caeb49470..4446857ca9 100644
--- a/src/aks-platform/02_aks.tf
+++ b/src/aks-platform/02_aks.tf
@@ -21,8 +21,8 @@ module "aks" {
oidc_issuer_enabled = var.aks_enable_workload_identity
## Prometheus managed
- # ff: enabled on DEV
- enable_prometheus_monitor_metrics = var.env_short == "d" ? true : false
+ # ff: enabled on DEV/UAT
+ enable_prometheus_monitor_metrics = var.env_short != "p" ? true : false
# ff: Enabled cost analysis on UAT/PROD
cost_analysis_enabled = var.env_short != "d" ? true : false
diff --git a/src/aks-platform/05_monitoring.tf b/src/aks-platform/05_monitoring.tf
index 4ef8dbf429..713f934400 100644
--- a/src/aks-platform/05_monitoring.tf
+++ b/src/aks-platform/05_monitoring.tf
@@ -103,7 +103,7 @@ module "opencosts" {
resource "kubernetes_manifest" "service_monitor" {
count = var.env_short == "d" ? 1 : 0
manifest = {
- "apiVersion" : "monitoring.coreos.com/v1"
+ "apiVersion" : "azmonitoring.coreos.com/v1"
"kind" : "ServiceMonitor"
"metadata" : {
"name" : "prometheus-opencosts"
@@ -136,14 +136,14 @@ resource "kubernetes_manifest" "service_monitor" {
# Refer: Resource created on next-core 02_monitor.tf
data "azurerm_monitor_workspace" "workspace" {
- count = var.env == "dev" ? 1 : 0
- name = "pagopa-${var.env_short}-${var.location}-monitor-workspace"
+ count = var.env != "prod" ? 1 : 0
+ name = "pagopa-${var.env_short}-monitor-workspace"
resource_group_name = "pagopa-${var.env_short}-monitor-rg"
}
module "prometheus_managed_addon" {
- count = var.env == "dev" ? 1 : 0
- source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_prometheus_managed?ref=v8.80.0"
+ count = var.env != "prod" ? 1 : 0
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_prometheus_managed?ref=v8.82.0"
cluster_name = module.aks.name
resource_group_name = module.aks.aks_resource_group_name
location = var.location
@@ -151,5 +151,19 @@ module "prometheus_managed_addon" {
monitor_workspace_rg = data.azurerm_monitor_workspace.workspace.0.resource_group_name
grafana_name = "pagopa-${var.env_short}-${var.location_short}-grafana"
grafana_resource_group = "pagopa-${var.env_short}-${var.location_short}-grafana-rg"
- tags = var.tags
+
+ # takes a list and replaces any elements that are lists with a
+ # flattened sequence of the list contents.
+ # In this case, we enable OpsGenie only on prod env
+ action_groups_id = flatten([
+ [
+ data.azurerm_monitor_action_group.slack.id,
+ data.azurerm_monitor_action_group.email.id
+ ],
+ (var.env == "prod" ? [
+ data.azurerm_monitor_action_group.opsgenie.0.id
+ ] : [])
+ ])
+
+ tags = var.tags
}
diff --git a/src/aks-platform/README.md b/src/aks-platform/README.md
index 105c3ddbee..c221ff83ff 100644
--- a/src/aks-platform/README.md
+++ b/src/aks-platform/README.md
@@ -22,7 +22,7 @@
| [monitoring\_pod\_identity](#module\_monitoring\_pod\_identity) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_pod_identity | v8.53.0 |
| [nginx\_ingress](#module\_nginx\_ingress) | terraform-module/release/helm | 2.8.0 |
| [opencosts](#module\_opencosts) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_opencosts | v8.71.0 |
-| [prometheus\_managed\_addon](#module\_prometheus\_managed\_addon) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_prometheus_managed | v8.80.0 |
+| [prometheus\_managed\_addon](#module\_prometheus\_managed\_addon) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_prometheus_managed | v8.82.0 |
| [tls\_checker](#module\_tls\_checker) | git::https://github.com/pagopa/terraform-azurerm-v3.git//tls_checker | v8.54.0 |
| [tls\_checker\_workload\_identity\_configuration](#module\_tls\_checker\_workload\_identity\_configuration) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_workload_identity_configuration | v8.54.0 |
| [tls\_checker\_workload\_identity\_init](#module\_tls\_checker\_workload\_identity\_init) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_workload_identity_init | v8.54.0 |
diff --git a/src/aks-platform/env/weu-uat/terraform.tfvars b/src/aks-platform/env/weu-uat/terraform.tfvars
index 35e7fdd3e5..4299818379 100644
--- a/src/aks-platform/env/weu-uat/terraform.tfvars
+++ b/src/aks-platform/env/weu-uat/terraform.tfvars
@@ -35,7 +35,7 @@ aks_system_node_pool = {
vm_size = "Standard_D2ds_v5"
os_disk_type = "Ephemeral"
os_disk_size_gb = "75"
- node_count_min = "1" #TODO change to 2 or 3 in prod
+ node_count_min = "2" #TODO change to 2 or 3 in prod
node_count_max = "3"
only_critical_addons_enabled = true
node_labels = { node_name : "aks-system-01", node_type : "system" },
diff --git a/src/next-core/02_monitor.tf b/src/next-core/02_monitor.tf
index 0156d24bf9..3865316582 100644
--- a/src/next-core/02_monitor.tf
+++ b/src/next-core/02_monitor.tf
@@ -26,12 +26,12 @@ resource "azurerm_log_analytics_workspace" "log_analytics_workspace" {
# Azure Monitor Workspace
resource "azurerm_monitor_workspace" "monitor_workspace" {
- count = var.env == "dev" ? 1 : 0
- name = "pagopa-${var.env_short}-${var.location}-monitor-workspace"
- resource_group_name = "pagopa-${var.env_short}-monitor-rg"
- location = var.location
-
- tags = var.tags
+ count = var.env != "prod" ? 1 : 0
+ name = "pagopa-${var.env_short}-monitor-workspace"
+ resource_group_name = "pagopa-${var.env_short}-monitor-rg"
+ location = var.location
+ public_network_access_enabled = false
+ tags = var.tags
}
# Application insights