From e756d122cdf2031b5490004593b83bd46d505cfb Mon Sep 17 00:00:00 2001
From: Christian Battaglini <christian.battaglini@fr.clara.net>
Date: Fri, 28 Feb 2025 16:42:27 +0100
Subject: [PATCH 1/8] detector-vpn-update

---
 modules/integration_aws-vpn/detectors-gen.tf | 13 +++++++++++++
 modules/integration_aws-vpn/variables-gen.tf | 18 ++++++++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/modules/integration_aws-vpn/detectors-gen.tf b/modules/integration_aws-vpn/detectors-gen.tf
index 5123b41cc..3fad7fd00 100644
--- a/modules/integration_aws-vpn/detectors-gen.tf
+++ b/modules/integration_aws-vpn/detectors-gen.tf
@@ -38,8 +38,21 @@ resource "signalfx_detector" "vpn_status" {
     base_filtering = filter('namespace', 'AWS/VPN') and filter('stat', 'mean') and filter('VpnId', '*')
     signal = data('TunnelState', filter=base_filtering and ${module.filtering.signalflow})${var.vpn_status_aggregation_function}${var.vpn_status_transformation_function}.publish('signal')
     detect(when(signal < ${var.vpn_status_threshold_critical}%{if var.vpn_status_lasting_duration_critical != null}, lasting='${var.vpn_status_lasting_duration_critical}', at_least=${var.vpn_status_at_least_percentage_critical}%{endif})).publish('CRIT')
+    detect(when(signal < ${var.vpn_status_threshold_major}%{if var.vpn_status_lasting_duration_major != null}, lasting='${var.vpn_status_lasting_duration_major}', at_least=${var.vpn_status_at_least_percentage_major}%{endif})).publish('MAJ')
 EOF
 
+  rule {
+    description           = "is too low < ${var.vpn_status_threshold_major}"
+    severity              = "Major"
+    detect_label          = "MAJOR"
+    disabled              = coalesce(var.vpn_status_disabled, var.detectors_disabled)
+    notifications         = try(coalescelist(lookup(var.vpn_status_notifications, "major", []), var.notifications.major), null)
+    runbook_url           = try(coalesce(var.vpn_status_runbook_url, var.runbook_url), "")
+    tip                   = var.vpn_status_tip
+    parameterized_subject = var.message_subject == "" ? local.rule_subject : var.message_subject
+    parameterized_body    = var.message_body == "" ? local.rule_body : var.message_body
+  }
+
   rule {
     description           = "is too low < ${var.vpn_status_threshold_critical}"
     severity              = "Critical"
diff --git a/modules/integration_aws-vpn/variables-gen.tf b/modules/integration_aws-vpn/variables-gen.tf
index 3114b9a74..2815a9c41 100644
--- a/modules/integration_aws-vpn/variables-gen.tf
+++ b/modules/integration_aws-vpn/variables-gen.tf
@@ -109,3 +109,21 @@ variable "vpn_status_at_least_percentage_critical" {
   type        = number
   default     = 1
 }
+
+variable "vpn_status_threshold_major" {
+  description = "Major threshold for vpn_status detector"
+  type        = number
+  default     = 1
+}
+
+variable "vpn_status_lasting_duration_major" {
+  description = "Minimum duration that conditions must be true before raising alert"
+  type        = string
+  default     = null
+}
+
+variable "vpn_status_at_least_percentage_major" {
+  description = "Percentage of lasting that conditions must be true before raising alert (>= 0.0 and <= 1.0)"
+  type        = number
+  default     = 1
+}

From a6c21b6344d797183d60821511cb977b97d8c992 Mon Sep 17 00:00:00 2001
From: Christian Battaglini <christian.battaglini@fr.clara.net>
Date: Fri, 28 Feb 2025 16:55:38 +0100
Subject: [PATCH 2/8] detector-vpn-update

---
 modules/integration_aws-vpn/detectors-gen.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/integration_aws-vpn/detectors-gen.tf b/modules/integration_aws-vpn/detectors-gen.tf
index 3fad7fd00..67185e623 100644
--- a/modules/integration_aws-vpn/detectors-gen.tf
+++ b/modules/integration_aws-vpn/detectors-gen.tf
@@ -38,7 +38,7 @@ resource "signalfx_detector" "vpn_status" {
     base_filtering = filter('namespace', 'AWS/VPN') and filter('stat', 'mean') and filter('VpnId', '*')
     signal = data('TunnelState', filter=base_filtering and ${module.filtering.signalflow})${var.vpn_status_aggregation_function}${var.vpn_status_transformation_function}.publish('signal')
     detect(when(signal < ${var.vpn_status_threshold_critical}%{if var.vpn_status_lasting_duration_critical != null}, lasting='${var.vpn_status_lasting_duration_critical}', at_least=${var.vpn_status_at_least_percentage_critical}%{endif})).publish('CRIT')
-    detect(when(signal < ${var.vpn_status_threshold_major}%{if var.vpn_status_lasting_duration_major != null}, lasting='${var.vpn_status_lasting_duration_major}', at_least=${var.vpn_status_at_least_percentage_major}%{endif})).publish('MAJ')
+    detect(when(signal < ${var.vpn_status_threshold_major}%{if var.vpn_status_lasting_duration_major != null}, lasting='${var.vpn_status_lasting_duration_major}', at_least=${var.vpn_status_at_least_percentage_major}%{endif})).publish('MAJOR')
 EOF
 
   rule {

From ae2873eca5639488f1c6cc632d575337f0a4eca7 Mon Sep 17 00:00:00 2001
From: Christian Battaglini <christian.battaglini@fr.clara.net>
Date: Fri, 28 Feb 2025 18:18:17 +0100
Subject: [PATCH 3/8] detector-vpn-update

---
 modules/integration_aws-vpn/detectors-gen.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/integration_aws-vpn/detectors-gen.tf b/modules/integration_aws-vpn/detectors-gen.tf
index 67185e623..2df21912e 100644
--- a/modules/integration_aws-vpn/detectors-gen.tf
+++ b/modules/integration_aws-vpn/detectors-gen.tf
@@ -38,7 +38,7 @@ resource "signalfx_detector" "vpn_status" {
     base_filtering = filter('namespace', 'AWS/VPN') and filter('stat', 'mean') and filter('VpnId', '*')
     signal = data('TunnelState', filter=base_filtering and ${module.filtering.signalflow})${var.vpn_status_aggregation_function}${var.vpn_status_transformation_function}.publish('signal')
     detect(when(signal < ${var.vpn_status_threshold_critical}%{if var.vpn_status_lasting_duration_critical != null}, lasting='${var.vpn_status_lasting_duration_critical}', at_least=${var.vpn_status_at_least_percentage_critical}%{endif})).publish('CRIT')
-    detect(when(signal < ${var.vpn_status_threshold_major}%{if var.vpn_status_lasting_duration_major != null}, lasting='${var.vpn_status_lasting_duration_major}', at_least=${var.vpn_status_at_least_percentage_major}%{endif})).publish('MAJOR')
+    detect(when(signal < ${var.vpn_status_threshold_major}%{if var.vpn_status_lasting_duration_major != null}, lasting='${var.vpn_status_lasting_duration_major}', at_least=${var.vpn_status_at_least_percentage_major}%{endif}) and  (not when(signal < ${var.vpn_status_threshold_critical}%{if var.vpn_status_lasting_duration_critical != null}, lasting='${var.vpn_status_lasting_duration_critical}', at_least=${var.vpn_status_at_least_percentage_critical}%{endif} ))).publish('MAJOR')
 EOF
 
   rule {

From c2eb90f12b3757922ac5507d120430f2b3e49271 Mon Sep 17 00:00:00 2001
From: Christian Battaglini <christian.battaglini@fr.clara.net>
Date: Fri, 28 Feb 2025 18:38:30 +0100
Subject: [PATCH 4/8] detector-vpn-update

---
 modules/integration_aws-vpn/variables-gen.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/integration_aws-vpn/variables-gen.tf b/modules/integration_aws-vpn/variables-gen.tf
index 2815a9c41..df762508f 100644
--- a/modules/integration_aws-vpn/variables-gen.tf
+++ b/modules/integration_aws-vpn/variables-gen.tf
@@ -95,7 +95,7 @@ variable "vpn_status_disabled" {
 variable "vpn_status_threshold_critical" {
   description = "Critical threshold for vpn_status detector"
   type        = number
-  default     = 1
+  default     = 0.5 
 }
 
 variable "vpn_status_lasting_duration_critical" {

From c547c14790bc0f84d5275fd1b6a3bde38388b095 Mon Sep 17 00:00:00 2001
From: Christian Battaglini <christian.battaglini@fr.clara.net>
Date: Tue, 4 Mar 2025 10:47:04 +0100
Subject: [PATCH 5/8] fix : fmt detector-vpn-update

---
 modules/integration_aws-vpn/variables-gen.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/integration_aws-vpn/variables-gen.tf b/modules/integration_aws-vpn/variables-gen.tf
index df762508f..28a454063 100644
--- a/modules/integration_aws-vpn/variables-gen.tf
+++ b/modules/integration_aws-vpn/variables-gen.tf
@@ -95,7 +95,7 @@ variable "vpn_status_disabled" {
 variable "vpn_status_threshold_critical" {
   description = "Critical threshold for vpn_status detector"
   type        = number
-  default     = 0.5 
+  default     = 0.5
 }
 
 variable "vpn_status_lasting_duration_critical" {

From 00b6aff5d2bd9d64c3b95b7a273fd5b165285533 Mon Sep 17 00:00:00 2001
From: Christian Battaglini <christian.battaglini@fr.clara.net>
Date: Tue, 4 Mar 2025 10:56:45 +0100
Subject: [PATCH 6/8] fix : readme detector-vpn-update

---
 modules/integration_aws-vpn/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/integration_aws-vpn/README.md b/modules/integration_aws-vpn/README.md
index 40d8b8c99..af8ab25ad 100644
--- a/modules/integration_aws-vpn/README.md
+++ b/modules/integration_aws-vpn/README.md
@@ -76,7 +76,7 @@ This module creates the following SignalFx detectors which could contain one or
 |Detector|Critical|Major|Minor|Warning|Info|
 |---|---|---|---|---|---|
 |AWS VPN heartbeat|X|-|-|-|-|
-|AWS VPN tunnel state|X|-|-|-|-|
+|AWS VPN tunnel state|X|X|-|-|-|
 
 ## How to collect required metrics?
 

From 0b4627981d1b359026c2951a5e1bce81e23f22eb Mon Sep 17 00:00:00 2001
From: Christian Battaglini <christian.battaglini@fr.clara.net>
Date: Tue, 4 Mar 2025 12:37:34 +0100
Subject: [PATCH 7/8] fix : detector-vpn-update

---
 modules/integration_aws-vpn/detectors-gen.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/integration_aws-vpn/detectors-gen.tf b/modules/integration_aws-vpn/detectors-gen.tf
index 2df21912e..ff777c1e5 100644
--- a/modules/integration_aws-vpn/detectors-gen.tf
+++ b/modules/integration_aws-vpn/detectors-gen.tf
@@ -45,7 +45,7 @@ EOF
     description           = "is too low < ${var.vpn_status_threshold_major}"
     severity              = "Major"
     detect_label          = "MAJOR"
-    disabled              = coalesce(var.vpn_status_disabled, var.detectors_disabled)
+    disabled              = coalesce(var.vpn_status_disabled_major, var.vpn_status_disabled, var.detectors_disabled)
     notifications         = try(coalescelist(lookup(var.vpn_status_notifications, "major", []), var.notifications.major), null)
     runbook_url           = try(coalesce(var.vpn_status_runbook_url, var.runbook_url), "")
     tip                   = var.vpn_status_tip
@@ -57,7 +57,7 @@ EOF
     description           = "is too low < ${var.vpn_status_threshold_critical}"
     severity              = "Critical"
     detect_label          = "CRIT"
-    disabled              = coalesce(var.vpn_status_disabled, var.detectors_disabled)
+    disabled              = coalesce(var.vpn_status_disabled_critical, var.vpn_status_disabled, var.detectors_disabled)
     notifications         = try(coalescelist(lookup(var.vpn_status_notifications, "critical", []), var.notifications.critical), null)
     runbook_url           = try(coalesce(var.vpn_status_runbook_url, var.runbook_url), "")
     tip                   = var.vpn_status_tip

From e5e98c619eac450a5b9d06574a8996da8ea49187 Mon Sep 17 00:00:00 2001
From: Christian Battaglini <christian.battaglini@fr.clara.net>
Date: Thu, 13 Mar 2025 12:08:42 +0100
Subject: [PATCH 8/8] fix: add variables for major

---
 modules/integration_aws-vpn/variables-gen.tf | 33 +++++++++++++-------
 1 file changed, 22 insertions(+), 11 deletions(-)

diff --git a/modules/integration_aws-vpn/variables-gen.tf b/modules/integration_aws-vpn/variables-gen.tf
index 28a454063..3f64f222a 100644
--- a/modules/integration_aws-vpn/variables-gen.tf
+++ b/modules/integration_aws-vpn/variables-gen.tf
@@ -92,37 +92,48 @@ variable "vpn_status_disabled" {
   default     = null
 }
 
-variable "vpn_status_threshold_critical" {
-  description = "Critical threshold for vpn_status detector"
+variable "vpn_status_disabled_major" {
+  description = "Disable major alerting rule for vpn_status detector"
+  type        = bool
+  default     = null
+}
+
+variable "vpn_status_disabled_critical" {
+  description = "Disable critical alerting rule for vpn_status detector"
+  type        = bool
+  default     = null
+}
+
+variable "vpn_status_threshold_major" {
+  description = "Major threshold for vpn_status detector"
   type        = number
-  default     = 0.5
+  default     = 1
 }
 
-variable "vpn_status_lasting_duration_critical" {
+variable "vpn_status_lasting_duration_major" {
   description = "Minimum duration that conditions must be true before raising alert"
   type        = string
   default     = null
 }
 
-variable "vpn_status_at_least_percentage_critical" {
+variable "vpn_status_at_least_percentage_major" {
   description = "Percentage of lasting that conditions must be true before raising alert (>= 0.0 and <= 1.0)"
   type        = number
   default     = 1
 }
-
-variable "vpn_status_threshold_major" {
-  description = "Major threshold for vpn_status detector"
+variable "vpn_status_threshold_critical" {
+  description = "Critical threshold for vpn_status detector"
   type        = number
-  default     = 1
+  default     = 0.5
 }
 
-variable "vpn_status_lasting_duration_major" {
+variable "vpn_status_lasting_duration_critical" {
   description = "Minimum duration that conditions must be true before raising alert"
   type        = string
   default     = null
 }
 
-variable "vpn_status_at_least_percentage_major" {
+variable "vpn_status_at_least_percentage_critical" {
   description = "Percentage of lasting that conditions must be true before raising alert (>= 0.0 and <= 1.0)"
   type        = number
   default     = 1