Merge pull request #5453 from dfe-analytical-services/EES-5686-add-pu…

…blic-api-performance-metric-alerts-alerts-with-components

EES-5686 - moving alert creation into individual component files rather than higher-level templates

infrastructure/templates/public-api/application/public-api/publicApiApp.bicep

@@ -145,24 +145,11 @@ module apiContainerAppModule '../../components/containerApp.bicep' = {
       ]
       requireAuthentication: false
     }
-    tagValues: tagValues
-  }
-}
-
-module containerAppRestartsAlert '../../components/alerts/containerApps/restarts.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.apiApp}RestartsDeploy'
-  params: {
-    resourceNames: [resourceNames.publicApi.apiApp]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module responseTimeAlert '../../components/alerts/containerApps/responseTimeAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.apiApp}ResponseTimeDeploy'
-  params: {
-    resourceNames: [resourceNames.publicApi.apiApp]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
+    alerts: deployAlerts ? {
+      restarts: true
+      responseTime: true
+      alertsGroupName: resourceNames.existingResources.alertsGroup
+    } : null
     tagValues: tagValues
   }
 }

infrastructure/templates/public-api/application/public-api/publicApiDataProcessor.bicep

@@ -112,67 +112,14 @@ module dataProcessorFunctionAppModule '../../components/functionApp.bicep' = {
       mountPath: publicApiDataFileShareMountPath
     }]
     storageFirewallRules: storageFirewallRules
-    tagValues: tagValues
-  }
-}
-
-module functionAppHealthAlert '../../components/alerts/sites/healthAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.dataProcessor}HealthDeploy'
-  params: {
-    resourceNames: [resourceNames.publicApi.dataProcessor]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module storageAccountAvailabilityAlerts '../../components/alerts/storageAccounts/availabilityAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.dataProcessor}StorageAvailabilityDeploy'
-  params: {
-    resourceNames: [
-      dataProcessorFunctionAppModule.outputs.managementStorageAccountName
-      dataProcessorFunctionAppModule.outputs.slot1StorageAccountName
-      dataProcessorFunctionAppModule.outputs.slot2StorageAccountName
-    ]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module fileServiceAvailabilityAlerts '../../components/alerts/fileServices/availabilityAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.dataProcessor}FsAvailabilityDeploy'
-  params: {
-    resourceNames: [
-      dataProcessorFunctionAppModule.outputs.managementStorageAccountName
-      dataProcessorFunctionAppModule.outputs.slot1StorageAccountName
-      dataProcessorFunctionAppModule.outputs.slot2StorageAccountName
-    ]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module storageAccountLatencyAlert '../../components/alerts/storageAccounts/latencyAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.publicApiStorageAccount}LatencyDeploy'
-  params: {
-    resourceNames: [
-      dataProcessorFunctionAppModule.outputs.managementStorageAccountName
-      dataProcessorFunctionAppModule.outputs.slot1StorageAccountName
-      dataProcessorFunctionAppModule.outputs.slot2StorageAccountName
-    ]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module fileServiceLatencyAlert '../../components/alerts/fileServices/latencyAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.publicApiStorageAccount}FsLatencyDeploy'
-  params: {
-    resourceNames: [
-      dataProcessorFunctionAppModule.outputs.managementStorageAccountName
-      dataProcessorFunctionAppModule.outputs.slot1StorageAccountName
-      dataProcessorFunctionAppModule.outputs.slot2StorageAccountName
-    ]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
+    alerts: deployAlerts ? {
+      functionAppHealth: true
+      storageAccountAvailability: true
+      storageLatency: true
+      fileServiceAvailability: true
+      fileServiceLatency: true
+      alertsGroupName: resourceNames.existingResources.alertsGroup
+    } : null
     tagValues: tagValues
   }
 }

infrastructure/templates/public-api/application/public-api/publicApiStorage.bicep

@@ -51,6 +51,11 @@ module publicApiStorageAccountModule '../../components/storageAccount.bicep' = {
     firewallRules: storageFirewallRules
     skuStorageResource: 'Standard_LRS'
     keyVaultName: resourceNames.existingResources.keyVault
+    alerts: deployAlerts ? {
+      availability: true
+      latency: true
+      alertsGroupName: resourceNames.existingResources.alertsGroup
+    } : null
     tagValues: tagValues
   }
 }
@@ -62,41 +67,11 @@ module dataFilesFileShareModule '../../components/fileShare.bicep' = {
     fileShareQuota: publicApiDataFileShareQuota
     storageAccountName: publicApiStorageAccountModule.outputs.storageAccountName
     fileShareAccessTier: 'TransactionOptimized'
-  }
-}
-
-module storageAccountAvailabilityAlert '../../components/alerts/storageAccounts/availabilityAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.publicApiStorageAccount}AvailabilityDeploy'
-  params: {
-    resourceNames: [resourceNames.publicApi.publicApiStorageAccount]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module fileServiceAvailabilityAlert '../../components/alerts/fileServices/availabilityAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.publicApiStorageAccount}FsAvailabilityDeploy'
-  params: {
-    resourceNames: [resourceNames.publicApi.publicApiStorageAccount]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module storageAccountLatencyAlert '../../components/alerts/storageAccounts/latencyAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.publicApiStorageAccount}LatencyDeploy'
-  params: {
-    resourceNames: [resourceNames.publicApi.publicApiStorageAccount]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module fileServiceLatencyAlert '../../components/alerts/fileServices/latencyAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.publicApi.publicApiStorageAccount}FsLatencyDeploy'
-  params: {
-    resourceNames: [resourceNames.publicApi.publicApiStorageAccount]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
+    alerts: deployAlerts ? {
+      availability: true
+      latency: true
+      alertsGroupName: resourceNames.existingResources.alertsGroup
+    } : null
     tagValues: tagValues
   }
 }

infrastructure/templates/public-api/application/shared/appGateway.bicep

@@ -51,24 +51,11 @@ module appGatewayModule '../../components/appGateway.bicep' = {
     backends: backends
     routes: routes
     rewrites: rewrites
-    tagValues: tagValues
-  }
-}
-
-module backendPoolsHealthAlert '../../components/alerts/appGateways/backendPoolHealth.bicep' = if (deployAlerts) {
-  name: '${resourceNames.sharedResources.appGateway}BackendPoolsHealthDeploy'
-  params: {
-    resourceNames: [resourceNames.sharedResources.appGateway]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module responseTimeAlert '../../components/alerts/appGateways/responseTimeAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.sharedResources.appGateway}ResponseTimeDeploy'
-  params: {
-    resourceNames: [resourceNames.sharedResources.appGateway]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
+    alerts: deployAlerts ? {
+      health: true
+      responseTime: true
+      alertsGroupName: resourceNames.existingResources.alertsGroup
+    } : null
     tagValues: tagValues
   }
 }

infrastructure/templates/public-api/application/shared/postgreSqlFlexibleServer.bicep

@@ -58,6 +58,12 @@ module postgreSqlServerModule '../../components/postgresqlDatabase.bicep' = {
     firewallRules: formattedFirewallRules
     databaseNames: ['public_data']
     privateEndpointSubnetId: privateEndpointSubnetId
+    alerts: deployAlerts ? {
+      availability: true
+      queryTime: true
+      transactionTime: true
+      alertGroupName: resourceNames.existingResources.alertsGroup
+    } : null
     tagValues: tagValues
   }
 }
@@ -73,33 +79,6 @@ resource maxPreparedTransactionsConfig 'Microsoft.DBforPostgreSQL/flexibleServer
   ]
 }
 
-module databaseAliveAlert '../../components/alerts/flexibleServers/databaseAlive.bicep' = if (deployAlerts) {
-  name: '${resourceNames.sharedResources.postgreSqlFlexibleServer}DbAliveDeploy'
-  params: {
-    resourceNames: [resourceNames.sharedResources.postgreSqlFlexibleServer]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module queryTimeAlert '../../components/alerts/flexibleServers/queryTimeAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.sharedResources.postgreSqlFlexibleServer}QueryTimeDeploy'
-  params: {
-    resourceNames: [resourceNames.sharedResources.postgreSqlFlexibleServer]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
-module transactionTimeAlert '../../components/alerts/flexibleServers/transactionTimeAlert.bicep' = if (deployAlerts) {
-  name: '${resourceNames.sharedResources.postgreSqlFlexibleServer}TransactionTimeDeploy'
-  params: {
-    resourceNames: [resourceNames.sharedResources.postgreSqlFlexibleServer]
-    alertsGroupName: resourceNames.existingResources.alertsGroup
-    tagValues: tagValues
-  }
-}
-
 var managedIdentityConnectionStringTemplate = postgreSqlServerModule.outputs.managedIdentityConnectionStringTemplate
 
 var dataProcessorPsqlConnectionStringSecretKey = 'ees-publicapi-data-processor-connectionstring-publicdatadb'

infrastructure/templates/public-api/components/appGateway.bicep

@@ -39,6 +39,13 @@ param availabilityZones ('1' | '2' | '3') [] = [
   '3'
 ]
 
+@description('Whether to create or update Azure Monitor alerts during this deploy')
+param alerts {
+  health: bool
+  responseTime: bool
+  alertsGroupName: string
+}?
+
 @description('Tags for the resources')
 param tagValues object
 
@@ -275,3 +282,21 @@ resource appGateway 'Microsoft.Network/applicationGateways@2024-01-01' = {
     keyVaultAccessPolicyModule
   ]
 }
+
+module backendPoolsHealthAlert 'alerts/appGateways/backendPoolHealth.bicep' = if (alerts != null && alerts!.health) {
+  name: '${appGatewayName}BackendPoolsHealthDeploy'
+  params: {
+    resourceNames: [appGatewayName]
+    alertsGroupName: alerts!.alertsGroupName
+    tagValues: tagValues
+  }
+}
+
+module responseTimeAlert 'alerts/appGateways/responseTimeAlert.bicep' = if (alerts != null && alerts!.responseTime) {
+  name: '${appGatewayName}ResponseTimeDeploy'
+  params: {
+    resourceNames: [appGatewayName]
+    alertsGroupName: alerts!.alertsGroupName
+    tagValues: tagValues
+  }
+}

infrastructure/templates/public-api/components/containerApp.bicep

@@ -108,6 +108,13 @@ param volumeMounts {
 @description('An existing App Registration registered with Entra ID that will be used to control access to this Container App')
 param entraIdAuthentication EntraIdAuthentication?
 
+@description('Whether to create or update Azure Monitor alerts during this deploy')
+param alerts {
+  restarts: bool
+  responseTime: bool
+  alertsGroupName: string
+}?
+
 @description('A set of tags with which to tag the resource in Azure')
 param tagValues object
 
@@ -210,6 +217,24 @@ module privateDns 'containerAppPrivateDns.bicep' = if (deployPrivateDns) {
   }
 }
 
+module containerAppRestartsAlert 'alerts/containerApps/restarts.bicep' = if (alerts != null && alerts!.restarts) {
+  name: '${containerAppName}RestartsDeploy'
+  params: {
+    resourceNames: [containerAppName]
+    alertsGroupName: alerts!.alertsGroupName
+    tagValues: tagValues
+  }
+}
+
+module responseTimeAlert 'alerts/containerApps/responseTimeAlert.bicep' = if (alerts != null && alerts!.responseTime) {
+  name: '${containerAppName}ResponseTimeDeploy'
+  params: {
+    resourceNames: [containerAppName]
+    alertsGroupName: alerts!.alertsGroupName
+    tagValues: tagValues
+  }
+}
+
 output containerAppFqdn string = containerAppFqdn
 output containerImage string = containerImageName
 output containerAppName string = containerApp.name

infrastructure/templates/public-api/components/fileShare.bicep

@@ -11,6 +11,16 @@ param fileShareAccessTier string = 'Hot'
 @description('Name of the Storage Account')
 param storageAccountName string
 
+@description('Whether to create or update Azure Monitor alerts during this deploy')
+param alerts {
+  availability: bool
+  latency: bool
+  alertsGroupName: string
+}?
+
+@description('A set of tags with which to tag the resource in Azure')
+param tagValues object
+
 // Reference an existing Storage Account.
 resource storageAccount 'Microsoft.Storage/storageAccounts@2023-05-01' existing = {
   name: storageAccountName
@@ -30,4 +40,22 @@ resource fileShare 'Microsoft.Storage/storageAccounts/fileServices/shares@2023-0
   }
 }
 
+module availabilityAlerts 'alerts/fileServices/availabilityAlert.bicep' = if (alerts != null && alerts!.availability) {
+  name: '${storageAccountName}FsAvailabilityDeploy'
+  params: {
+    resourceNames: [storageAccountName]
+    alertsGroupName: alerts!.alertsGroupName
+    tagValues: tagValues
+  }
+}
+
+module latencyAlert 'alerts/fileServices/latencyAlert.bicep' = if (alerts != null && alerts!.latency) {
+  name: '${storageAccountName}FsLatencyDeploy'
+  params: {
+    resourceNames: [storageAccountName]
+    alertsGroupName: alerts!.alertsGroupName
+    tagValues: tagValues
+  }
+}
+
 output fileShareName string = fileShare.name