Manage alerting policies with Terraform

This document describes how to use the Google Cloud Terraform Provider to edit and delete alerting policies in your Google Cloud project. The Google Cloud Terraform Provider provides the following resources for alerting policies and notification channels:

Terraform is a tool for building, changing, and versioning infrastructure. It uses configuration files to describe the components needed to run a single application or your entire infrastructure. For more information about using Terraform, see the following documents:

Before you begin

To get the permissions that you need to modify alerting policies by using Terraform, ask your administrator to grant you the Monitoring Editor (roles/monitoring.alertPolicyEditor) IAM role on your project. For more information about granting roles, see Manage access.

You might also be able to get the required permissions through custom roles or other predefined roles.

For more information about Cloud Monitoring roles, see Control access with Identity and Access Management.

Edit or delete alerting policies

To edit or delete an alerting policy in your Google Cloud project, do the following:

Ensure that Terraform is installed in the Cloud Shell.
In the Cloud Shell, go to the directory that contains your Terraform configuration.
Edit the configuration file, locate the google_monitoring_alert_policy resource for your alerting policy, and then either modify or delete that resource.
In the Cloud Shell, enter terraform apply.

Export an alerting policy configuration to a Terraform configuration

You can export an alerting policy configuration from Google Cloud to a Terraform definition in your Terraform configuration. This process is helpful if you created an alerting policy in Google Cloud after you created your Terraform configuration.

To export your alerting policy, do the following:

Ensure that Terraform is installed in the Cloud Shell.
In the Cloud Shell, go to the directory that contains your Terraform configuration.
Add an import block to a file in your Terraform configuration. The import block has the following arguments:
- to: The resource address as specified by your Terraform configuration. This field has the format of google_monitoring_alert_policy.RESOURCE_NAME, where RESOURCE_NAME is a value you choose. We recommend choosing a resource name that clearly describes your alerting policy.
- id: The name of the alerting policy. This field has the format of project/PROJECT_ID/alertPolicies/ALERT_POLICY_ID.
For example, you want to export an alerting policy that monitors CPU usage, so you set RESOURCE_NAME to cpu_usage_threshold. You then set id as the alerting policy name:
```
import {
to = google_monitoring_alert_policy.cpu_usage_threshold
id = "projects/my-alerting-project/alertPolicies/7160801095019277297"
}
```
In the Cloud Shell, run the following command:
```
terraform plan -generate-config-out=generated.tf
```
The previous command creates a file named generated.tf, which lets you review your alerting policy definition before you add it to your Terraform configuration. You can edit the definition, move it to a different file, or leave it unchanged.
In the Cloud Shell, enter terraform apply to import your alerting policy definition to your Terraform configuration.

For more information about generating definitions for resources that aren't part of your Terraform configuration, see Generating configuration.

What's next

Learn more about Terraform.
Try out code samples that use the Google Cloud Terraform Provider with Cloud Monitoring.
View the Google Cloud Terraform Provider repository on GitHub.
File a GitHub issue to report a bug or ask a question about Terraform.