Managing PagerDuty Services With Terraform

By jjm

Saturday, 2021-04-03 16:21 +0100

For the last couple of years, I had been the primary maintainer for some tooling which makes heavy use of the PagerDuty REST API. Given my increasing use of Terraform plus now PagerDuty has a free account level. I thought I could get myself a PD account for receiving alerts from any monitoring for my blog that I may do and more importantly also complete a little brain bump of some PagerDuty + Terraform thoughts that are currently rattling around before start focusing on different things for my new job next week.

So turns out its crazy simple! Since PagerDuty took on maintaining this Terraform provider in late 2019, it’s just kept becoming more powerful! So just how simple is it to use? It’s important to remember that before you create your first PagerDuty service, you must have an escalation policy to associate with it. The simplest way is manually and then use a data source, however if you’re doing this for work I suggest you create the escalation policy via a resource and reference that.

data "pagerduty_escalation_policy" "default" {
  name = "Default"
}

From this it’s just a few lines to add a basic service, the pagerduty_service resource does support many other more complex options.

resource "pagerduty_service" "blog" {
  name                    = "Blog"
  description             = "My geeky-and-blonde.me.uk Blog"
  escalation_policy       = data.pagerduty_escalation_policy.default.id
  alert_creation          = "create_alerts_and_incidents"
}

For example if you wanted map urgency to severity (may not be available on all PagerDuty account levels), it’s just these few lines to your service:

  incident_urgency_rule {
    type    = "constant"
    urgency = "severity_based"
  }

Of course a service without any integrations is not much use. As you can’t send any alerts to PagerDuty, so you’ll want to add at least one of those for your service, if not more. While there is a set of generic service integrations, but most (e.g. datadog, signalfx) are done via vendors as follows:

data "pagerduty_vendor" "signalfx" {
  name = "SignalFx"
}

resource "pagerduty_service_integration" "signalfx" {
  name    = data.pagerduty_vendor.signalfx.name
  vendor  = data.pagerduty_vendor.signalfx.id
  service = pagerduty_service.blog.id
}

So if happen to be using SignalFx, getting a integration key for this integration into your SignalFx org would be as simple the following (if you had an admin token):

resource "signalfx_pagerduty_integration" "blog" {
  name    = "PagerDuty - Blog"
  enabled = true
  api_key = pagerduty_service_integration.signalfx.integration_key
}

So now I’m very much wishing that PagerDuty Terraform provider was this easy and awesome (plus I was using Terraform most days) when I started using PagerDuty in mid-2018. There’s likely to be a followup post on Monday with some other thoughts and how to send change events from a GitHub workflow.