Terraform advanced example
This section guides you through an advanced example of creating a Dynatrace configuration template for a newly deployed application with Dynatrace Configuration as Code via Terraform.
Prerequisites
-
Terraform CLI with the Dynatrace provider installed and available under
PATH
. -
Access token with at least the following permissions:
- Read settings (
settings.read
) - Write settings (
settings.write
)
To create a token that would work for all configuration, please include the following permissions in addition to the above.
- Read configuration (
ReadConfig
) - Write configuration (
WriteConfig
) - Create and read synthetic monitors, locations, and nodes (
ExternalSyntheticIntegration
) - Capture request data (
CaptureRequestData
) - Read credential vault entries (
credentialVault.read
) - Write credential vault entries (
credentialVault.write
) - Read network zones (
networkZones.read
) - Write network zones (
networkZones.write
)
- Read settings (
Build configuration
In this example, we'll utilize a JSON input file to automate the creation of a management zone, alerting profile, and email notification for each defined application.
-
In your working directory, create a
main.tf
file with the following content.The configuration below uses a
locals
block to access the contents ofdata.json
within theresource
blocks.For more information on each resource, refer to the Terraform Registry documentation.
locals { app_data = jsondecode(file("data.json")) } resource "dynatrace_management_zone_v2" "mgmz_per_app" { for_each = local.app_data name = each.key rules { rule { type = "ME" enabled = true attribute_rule { entity_type = "HOST" host_to_pgpropagation = true attribute_conditions { condition { case_sensitive = true key = "HOST_GROUP_NAME" operator = "EQUALS" string_value = each.value["host-group"] } } } } } } resource "dynatrace_alerting" "alerting_per_app" { for_each = dynatrace_management_zone_v2.mgmz_per_app name = each.value.name management_zone = each.value.legacy_id rules { rule { delay_in_minutes = local.app_data[each.value.name]["delay-in-minutes"] include_mode = "NONE" severity_level = "MONITORING_UNAVAILABLE" } } } resource "dynatrace_email_notification" "email_notification_per_app" { for_each = dynatrace_alerting.alerting_per_app name = each.value.name subject = "{State} Problem {ProblemID}: {ImpactedEntity}" to = local.app_data[each.value.name]["notify"] cc = ["terraform@dynatrace.com"] body = "{ProblemDetailsHTML}" profile = each.value.id active = true notify_closed_problems = true }
-
Create a
data.json
file with the following content.{ "App-A": { "host-group": "group-a", "delay-in-minutes": 20, "notify": ["app.a.owner@dynatrace.com"] }, "App-B": { "host-group": "group-b", "delay-in-minutes": 30, "notify": ["app.b.owner@dynatrace.com"] } }
In the provided JSON configuration, we've defined two applications:
"App-A"
and"App-B"
. These names will be consistently used for creating the management zone, alerting profile, and email notification. Each application is associated with the following attributes:host-group
: Refers to the host group associated with the application. Used for management zone rule.delay-in-minutes
: Specifies the duration (in minutes) that the monitoring unavailable event remains open before triggering an alert. For more information, see alerting profile.notify
: Lists the recipients of the email notification.
-
Open a terminal window and set the tenant URL and API token environment variables. This is the tenant on which we want to push the configuration.
set DYNATRACE_ENV_URL=https://########.live.dynatrace.com set DYNATRACE_API_TOKEN=dt0c01.########.########
set DYNATRACE_ENV_URL=https://<dynatrace-host>/e/######## set DYNATRACE_API_TOKEN=dt0c01.########.########
-
Run the
terraform apply -auto-approve
command, which displays an execution plan detailing the changes to be made.dynatrace_management_zone_v2.mgmz_per_app["App-A"]: Creating... dynatrace_management_zone_v2.mgmz_per_app["App-A"]: Creation complete after 1s [id=*************] dynatrace_management_zone_v2.mgmz_per_app["App-B"]: Creating... dynatrace_management_zone_v2.mgmz_per_app["App-B"]: Creation complete after 0s [id=*************] dynatrace_alerting.alerting_per_app["App-B"]: Creating... dynatrace_alerting.alerting_per_app["App-B"]: Creation complete after 1s [id=*************] dynatrace_alerting.alerting_per_app["App-A"]: Creating... dynatrace_alerting.alerting_per_app["App-A"]: Creation complete after 0s [id=*************] dynatrace_email_notification.email_notification_per_app["App-B"]: Creating... dynatrace_email_notification.email_notification_per_app["App-B"]: Creation complete after 1s [id=*************] dynatrace_email_notification.email_notification_per_app["App-A"]: Creating... dynatrace_email_notification.email_notification_per_app["App-A"]: Creation complete after 1s [id=*************] Apply complete! Resources: 6 added, 0 changed, 0 destroyed.
Upon successful execution, the management zone, alerting profile, and email notification configurations for "App-A"
and "App-B"
will be established in the Dynatrace environment.
To change or destroy the configuration, refer back to the examples in Terraform basic example