Ability to disable the Cloudwatch Alarm

[RothAndrew]

Have a question? Please checkout our Slack Community or visit our Slack Archive.

Describe the Feature

I'd like the ability to turn off the Cloudwatch Alarm that gets created through use of a variable such as create_cloudwatch_alarm = false.

Expected Behavior

I'm able to use this module to create an EC2 instance without having to create the Cloudwatch Alarm

Use Case

The AWS account I'm in does not authorize me to perform iam:CreateServiceLinkedRole which is necessary to create the cloudwatch alarm. The error I get is:

Error: failed creating CloudWatch Metric Alarm (<redacted>-dev-bastion): AccessDenied: User: arn:<redacted> is not authorized to perform: iam:CreateServiceLinkedRole on resource: arn:<redacted>:role/aws-service-role/events.amazonaws.com/AWSServiceRoleForCloudWatchEvents because no identity-based policy allows the iam:CreateServiceLinkedRole action
│       status code: 403, request id: e0ffb57c-5ad2-4b02-9176-dc889c640583
│ 
│   with module.bastion.aws_cloudwatch_metric_alarm.default[0],
│   on .terraform/modules/bastion/cloudwatch-alarm.tf line 11, in resource "aws_cloudwatch_metric_alarm" "default":
│   11: resource "aws_cloudwatch_metric_alarm" "default" {

Describe Ideal Solution

A new variable called something like create_cloudwatch_alarm with type bool that changes the count param to 0 when it is set to false. It can stay true by default to preserve backward compatibility.

Alternatives Considered

Forking the module and disabling the cloudwatch alarm, or using another module, or making my own module.

Additional Context

none

[ngoyal16]

Is any one working on this?