Deploy StatusCake SSL Checks for public endpoints

terraform/README.md

@@ -126,6 +126,7 @@ If everything looks good, answer `yes` and wait for the new infrastructure to be
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.7 |
 | <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | >= 3.67.0 |
+| <a name="requirement_statuscake"></a> [statuscake](#requirement\_statuscake) | >= 2.1.0 |
 
 ## Providers
 
@@ -137,6 +138,7 @@ No providers.
 |------|--------|---------|
 | <a name="module_azure_container_apps_hosting"></a> [azure\_container\_apps\_hosting](#module\_azure\_container\_apps\_hosting) | github.com/DFE-Digital/terraform-azurerm-container-apps-hosting | v1.1.0 |
 | <a name="module_azurerm_key_vault"></a> [azurerm\_key\_vault](#module\_azurerm\_key\_vault) | github.com/DFE-Digital/terraform-azurerm-key-vault-tfvars | v0.2.2 |
+| <a name="module_statuscake-tls-monitor"></a> [statuscake-tls-monitor](#module\_statuscake-tls-monitor) | github.com/dfe-digital/terraform-statuscake-tls-monitor | v0.1.2 |
 
 ## Resources
 
@@ -191,6 +193,11 @@ No resources.
 | <a name="input_mssql_server_admin_password"></a> [mssql\_server\_admin\_password](#input\_mssql\_server\_admin\_password) | The local administrator password for the MSSQL server | `string` | `""` | no |
 | <a name="input_mssql_server_public_access_enabled"></a> [mssql\_server\_public\_access\_enabled](#input\_mssql\_server\_public\_access\_enabled) | Enable public internet access to your MSSQL instance. Be sure to specify 'mssql\_firewall\_ipv4\_allow\_list' to restrict inbound connections | `bool` | `false` | no |
 | <a name="input_project_name"></a> [project\_name](#input\_project\_name) | Project name. Will be used along with `environment` as a prefix for all resources. | `string` | n/a | yes |
+| <a name="input_statuscake_api_token"></a> [statuscake\_api\_token](#input\_statuscake\_api\_token) | API token for StatusCake | `string` | `"00000000000000000000000000000"` | no |
+| <a name="input_statuscake_contact_group_email_addresses"></a> [statuscake\_contact\_group\_email\_addresses](#input\_statuscake\_contact\_group\_email\_addresses) | List of email address that should receive notifications from StatusCake | `list(string)` | `[]` | no |
+| <a name="input_statuscake_contact_group_integrations"></a> [statuscake\_contact\_group\_integrations](#input\_statuscake\_contact\_group\_integrations) | List of Integration IDs to connect to your Contact Group | `list(string)` | `[]` | no |
+| <a name="input_statuscake_contact_group_name"></a> [statuscake\_contact\_group\_name](#input\_statuscake\_contact\_group\_name) | Name of the contact group in StatusCake | `string` | `""` | no |
+| <a name="input_statuscake_monitored_resource_addresses"></a> [statuscake\_monitored\_resource\_addresses](#input\_statuscake\_monitored\_resource\_addresses) | The URLs to perform TLS checks on | `list(string)` | `[]` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to be applied to all resources | `map(string)` | n/a | yes |
 | <a name="input_tfvars_filename"></a> [tfvars\_filename](#input\_tfvars\_filename) | tfvars filename. This ensures that tfvars are kept up to date in Key Vault. | `string` | n/a | yes |
 | <a name="input_virtual_network_address_space"></a> [virtual\_network\_address\_space](#input\_virtual\_network\_address\_space) | Virtual network address space CIDR | `string` | n/a | yes |

terraform/locals.tf

@@ -47,4 +47,8 @@ locals {
   existing_network_watcher_name                   = var.existing_network_watcher_name
   existing_network_watcher_resource_group_name    = var.existing_network_watcher_resource_group_name
   custom_container_apps                           = var.custom_container_apps
+  statuscake_monitored_resource_addresses         = var.statuscake_monitored_resource_addresses
+  statuscake_contact_group_name                   = var.statuscake_contact_group_name
+  statuscake_contact_group_integrations           = var.statuscake_contact_group_integrations
+  statuscake_contact_group_email_addresses        = var.statuscake_contact_group_email_addresses
 }

terraform/providers.tf

@@ -2,3 +2,7 @@ provider "azurerm" {
   features {}
   skip_provider_registration = true
 }
+
+provider "statuscake" {
+  api_token = var.statuscake_api_token
+}

terraform/statuscake-tls-monitor.tf

@@ -0,0 +1,11 @@
+module "statuscake-tls-monitor" {
+  source = "github.com/dfe-digital/terraform-statuscake-tls-monitor?ref=v0.1.2"
+
+  statuscake_monitored_resource_addresses = local.statuscake_monitored_resource_addresses
+  statuscake_alert_at = [ # days to alert on
+    14, 7, 3
+  ]
+  statuscake_contact_group_name            = local.statuscake_contact_group_name
+  statuscake_contact_group_integrations    = local.statuscake_contact_group_integrations
+  statuscake_contact_group_email_addresses = local.statuscake_contact_group_email_addresses
+}

terraform/variables.tf

@@ -313,3 +313,34 @@ variable "image_tag" {
   type        = string
   default     = "web-latest"
 }
+
+variable "statuscake_api_token" {
+  description = "API token for StatusCake"
+  type        = string
+  sensitive   = true
+  default     = "00000000000000000000000000000"
+}
+
+variable "statuscake_contact_group_name" {
+  description = "Name of the contact group in StatusCake"
+  type        = string
+  default     = ""
+}
+
+variable "statuscake_contact_group_integrations" {
+  description = "List of Integration IDs to connect to your Contact Group"
+  type        = list(string)
+  default     = []
+}
+
+variable "statuscake_monitored_resource_addresses" {
+  description = "The URLs to perform TLS checks on"
+  type        = list(string)
+  default     = []
+}
+
+variable "statuscake_contact_group_email_addresses" {
+  description = "List of email address that should receive notifications from StatusCake"
+  type        = list(string)
+  default     = []
+}

terraform/versions.tf

@@ -5,5 +5,9 @@ terraform {
       source  = "hashicorp/azurerm"
       version = ">= 3.67.0"
     }
+    statuscake = {
+      source  = "StatusCakeDev/statuscake"
+      version = ">= 2.1.0"
+    }
   }
 }