Grafana Cloud
Developer resources
Infrastructure as code
Terraform
Manage Asserts in Grafana Cloud using TerraformManage Asserts in Grafana Cloud using Terraform
Learn how to use Terraform to manage Grafana Cloud Asserts resources. This guide shows you how to create and manage alert configurations and suppressed assertions using Terraform.
Note
Grafana Cloud Asserts supports Terraform-based configuration for alert configurations and suppressed assertions. These resources use the
grafana_asserts_naming convention in Terraform.
Before you begin
Before you begin, you should have the following:
- A Grafana Cloud account, as shown in Get started
- Terraform installed on your machine
- Administrator permissions in your Grafana instance
- Asserts enabled in your Grafana Cloud stack
Note
All of the following Terraform configuration files should be saved in the same directory.
Configure the Grafana provider
This Terraform configuration sets up the Grafana provider to provide necessary authentication when managing Asserts resources.
You can reuse a similar setup to the one described in Creating and managing a Grafana Cloud stack using Terraform to set up a service account and a token.
Create a Service account and token in Grafana. To create a new one, refer to Service account tokens.
Create a file named
main.tfand add the following:terraform { required_providers { grafana = { source = "grafana/grafana" version = ">= 2.9.0" } } } provider "grafana" { alias = "asserts" url = "<Stack-URL>" auth = "<Service-account-token>" stack_id = "<Stack-ID>" }Replace the following field values:
<Stack-URL>with the URL of your Grafana stack (for example,https://my-stack.grafana.net/)<Service-account-token>with the service account token that you created<Stack-ID>with your Grafana Cloud stack ID
Note
The
stack_idparameter is required for Asserts resources to identify the stack where the resources belong.
Create notification alerts configurations
Notification alerts configurations in Asserts allow you to manage how alerts are processed and routed. You can specify match labels to filter alerts, add custom labels, set duration requirements, and control silencing.
Basic notification alerts configuration
Create a file named alert-configs.tf and add the following:
# Basic alert configuration with silencing
resource "grafana_asserts_notification_alerts_config" "prometheus_remote_storage_failures" {
provider = grafana.asserts
name = "PrometheusRemoteStorageFailures"
match_labels = {
alertname = "PrometheusRemoteStorageFailures"
alertgroup = "prometheus.alerts"
asserts_env = "prod"
}
silenced = true
}
# High severity alert with specific job and context matching
resource "grafana_asserts_notification_alerts_config" "error_buildup_notify" {
provider = grafana.asserts
name = "ErrorBuildupNotify"
match_labels = {
alertname = "ErrorBuildup"
job = "acai"
asserts_request_type = "inbound"
asserts_request_context = "/auth"
}
silenced = false
}Notification alerts configuration with additional labels and duration
# Alert with additional labels and custom duration
resource "grafana_asserts_notification_alerts_config" "payment_test_alert" {
provider = grafana.asserts
name = "PaymentTestAlert"
match_labels = {
alertname = "PaymentTestAlert"
additional_labels = "asserts_severity=~\"critical\""
alertgroup = "alex-k8s-integration-test.alerts"
}
alert_labels = {
testing = "onetwothree"
}
duration = "5m"
silenced = false
}Latency and performance notification alerts
# Latency alert for shipping service
resource "grafana_asserts_notification_alerts_config" "high_shipping_latency" {
provider = grafana.asserts
name = "high shipping latency"
match_labels = {
alertname = "LatencyP99ErrorBuildup"
job = "shipping"
asserts_request_type = "inbound"
}
silenced = false
}
# CPU throttling alert with warning severity
resource "grafana_asserts_notification_alerts_config" "cpu_throttling_sustained" {
provider = grafana.asserts
name = "CPUThrottlingSustained"
match_labels = {
alertname = "CPUThrottlingSustained"
additional_labels = "asserts_severity=~\"warning\""
}
silenced = true
}Infrastructure and service notification alerts
# Ingress error rate alert
resource "grafana_asserts_notification_alerts_config" "ingress_error" {
provider = grafana.asserts
name = "ingress error"
match_labels = {
alertname = "ErrorRatioBreach"
job = "ingress-nginx-controller-metrics"
asserts_request_type = "inbound"
}
silenced = false
}
# MySQL Galera cluster alert
resource "grafana_asserts_notification_alerts_config" "mysql_galera_not_ready" {
provider = grafana.asserts
name = "MySQLGaleraNotReady"
match_labels = {
alertname = "MySQLGaleraNotReady"
}
silenced = false
}Create suppressed assertions configurations
Suppressed assertions configurations allow you to disable specific alerts or assertions based on label matching. This is useful for maintenance windows, test environments, or when you want to temporarily suppress certain types of alerts.
Create a file named suppressed-assertions.tf and add the following:
# Basic suppressed alert configuration for maintenance
resource "grafana_asserts_suppressed_assertions_config" "maintenance_window" {
provider = grafana.asserts
name = "MaintenanceWindow"
match_labels = {
service = "api-service"
maintenance = "true"
}
}
# Suppress specific alertname during deployment
resource "grafana_asserts_suppressed_assertions_config" "deployment_suppression" {
provider = grafana.asserts
name = "DeploymentSuppression"
match_labels = {
alertname = "HighLatency"
job = "web-service"
env = "staging"
}
}
# Suppress alerts for specific test environment
resource "grafana_asserts_suppressed_assertions_config" "test_environment_suppression" {
provider = grafana.asserts
name = "TestEnvironmentSuppression"
match_labels = {
alertgroup = "test.alerts"
environment = "test"
}
}Resource reference
The following configurations provide more details and examples for working with the Grafana API.
grafana_asserts_notification_alerts_config
Manage Asserts notification alerts configurations through the Grafana API.
Arguments
| Name | Type | Required | Description |
|---|---|---|---|
name | string | Yes | The name of the notification alerts configuration. This field is immutable and will force recreation if changed. |
match_labels | map(string) | No | Labels to match for this notification alerts configuration. Used to filter which alerts this configuration applies to. |
alert_labels | map(string) | No | Labels to add to alerts generated by this notification alerts configuration. |
duration | string | No | Duration for which the condition must be true before firing (for example, ‘5m’, ’30s’). Maps to ‘for’ in Asserts API. |
silenced | bool | No | Whether this notification alerts configuration is silenced. Defaults to false. |
Example
resource "grafana_asserts_notification_alerts_config" "example" {
provider = grafana.asserts
name = "ExampleAlert"
match_labels = {
alertname = "HighCPUUsage"
job = "monitoring"
}
alert_labels = {
severity = "warning"
team = "platform"
}
duration = "5m"
silenced = false
}grafana_asserts_suppressed_assertions_config
Manage Asserts suppressed assertions configurations through the Grafana API.
Arguments
| Name | Type | Required | Description |
|---|---|---|---|
name | string | Yes | The name of the suppressed assertions configuration. This field is immutable and will force recreation if changed. |
match_labels | map(string) | No | Labels to match for this suppressed assertions configuration. Used to determine which alerts should be suppressed. |
Example
resource "grafana_asserts_suppressed_assertions_config" "example" {
provider = grafana.asserts
name = "ExampleSuppression"
match_labels = {
alertname = "TestAlert"
env = "development"
}
}Apply the Terraform configuration
In a terminal, run the following commands from the directory where all of the configuration files are located.
Initialize a working directory containing Terraform configuration files:
terraform initPreview the changes that Terraform will make:
terraform planApply the configuration files:
terraform apply
Validation
After you apply the changes in the Terraform configurations, you should be able to verify the following:
- Notification alerts configurations are created in your Asserts instance and can be viewed in the Asserts UI
- Suppressed assertions configurations are active and suppressing the specified alerts
- The configurations are properly scoped to your Grafana Cloud stack
Best practices
When managing Asserts resources with Terraform, consider the following best practices:
Naming conventions
- Use descriptive names for your notification alerts configurations that clearly indicate their purpose
- Follow a consistent naming pattern across your organization
- Include environment or team identifiers in the names when appropriate
Label management
- Use specific and meaningful labels in
match_labelsto ensure precise alert filtering - Leverage existing label conventions from your monitoring setup
- Consider using
asserts_envandasserts_sitelabels for multi-environment setups
Silencing strategy
- Use the
silencedparameter for temporary suppression rather than deleting notification alerts configurations - Document the reason for silencing in your Terraform configuration comments
- Regularly review silenced configurations to ensure they’re still needed
Duration configuration
- Set appropriate duration values based on your alerting requirements
- Consider the nature of the monitored condition when choosing duration
- Use consistent duration formats across similar alert types
Conclusion
In this guide, you learned how to use Terraform to manage Grafana Cloud Asserts resources by creating notification alerts configurations and suppressed assertions.
To learn more about managing Grafana Cloud using Terraform, refer to Grafana provider’s documentation.
For more information about Asserts, refer to the Asserts documentation.
Was this page helpful?
Related resources from Grafana Labs
