Updates portal and sensu

Adds improved portal sensu check
Adds SG rule for test to allow sensu portal check

base/customer_portal/elb.tf

@@ -130,6 +130,17 @@ resource "aws_security_group_rule" "customer_portal_alb_http" {
   cidr_blocks       = [ var.environment == "test" ? "10.0.0.0/8" : "0.0.0.0/0", ]
 }
 
+# Needed for Sensu Check from the proxy in test
+resource "aws_security_group_rule" "customer_portal_sensu_check" {
+  count = var.environment == "test" ? 1 : 0
+  protocol          = "tcp"
+  type              = "ingress"
+  from_port         = 443
+  to_port           = 443
+  security_group_id = aws_security_group.customer_portal_alb.id
+  cidr_blocks       = [ "${var.proxy_public_ip}/32", ]
+}
+
 resource "aws_security_group_rule" "customer_portal_alb" {
   protocol                 = "tcp"
   type                     = "egress"
@@ -137,4 +148,5 @@ resource "aws_security_group_rule" "customer_portal_alb" {
   to_port                  = 443
   security_group_id        = aws_security_group.customer_portal_alb.id
   source_security_group_id = aws_security_group.customer_portal.id
-}
+}
+

base/customer_portal/vars.tf

@@ -34,4 +34,9 @@ variable "private_subnets" {
 
 variable "public_subnets" {
   type = list(string)
+}
+
+variable "proxy_public_ip" {
+  type = string
+  
 }

base/sensu-configuration/checks.tf

@@ -114,11 +114,9 @@ resource "sensu_check" "check_phantom_ports" {
   runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
 }
 
-#only needed in PROD
 resource "sensu_check" "check_portal_http" {
-  count          = var.environment == "test" ? 0 : 1
   name           = "portal_http"
-  command        = "metrics-curl.rb -u https://portal.xdr.accenturefederalcyber.com"
+  command        = "check-http.rb -u https://portal.${var.dns_info["public"]["zone"]}/api/health/ --response-code 200"
   namespace      = "default"
   subscriptions  = [ "portal", ]
   handlers       = [ "victorops", "logfile", ]