diff --git a/infrastructure/terraform/components/app/README.md b/infrastructure/terraform/components/app/README.md
index c2cf76f74..0628ab61e 100644
--- a/infrastructure/terraform/components/app/README.md
+++ b/infrastructure/terraform/components/app/README.md
@@ -31,8 +31,12 @@
| [enable\_amplify\_branch\_auto\_build](#input\_enable\_amplify\_branch\_auto\_build) | Enable automatic building of branches | `bool` | `false` | no |
| [enable\_api\_data\_trace](#input\_enable\_api\_data\_trace) | Enable API Gateway data trace logging | `bool` | `false` | no |
| [enable\_cognito\_built\_in\_idp](#input\_enable\_cognito\_built\_in\_idp) | Enable the use of Cognito as an IDP; CIS2 is preferred | `bool` | `false` | no |
+| [enable\_event\_anomaly\_detection](#input\_enable\_event\_anomaly\_detection) | Enable CloudWatch anomaly detection alarm for SNS message publishing. Detects abnormal drops or spikes in event publishing volume. | `bool` | `true` | no |
| [enable\_event\_caching](#input\_enable\_event\_caching) | Enable caching of events to an S3 bucket | `bool` | `true` | no |
| [environment](#input\_environment) | The name of the tfscaffold environment | `string` | n/a | yes |
+| [event\_anomaly\_band\_width](#input\_event\_anomaly\_band\_width) | The width of the anomaly detection band. Higher values (e.g. 4-6) reduce sensitivity and noise, lower values (e.g. 2-3) increase sensitivity. Recommended: 2-4. | `number` | `5` | no |
+| [event\_anomaly\_evaluation\_periods](#input\_event\_anomaly\_evaluation\_periods) | Number of evaluation periods for the publishing anomaly alarm. Each period is defined by event\_anomaly\_period. | `number` | `3` | no |
+| [event\_anomaly\_period](#input\_event\_anomaly\_period) | The period in seconds over which the specified statistic is applied for anomaly detection. Minimum 300 seconds (5 minutes). Recommended: 300-600. | `number` | `300` | no |
| [event\_delivery\_logging](#input\_event\_delivery\_logging) | Enable SNS Event Delivery logging | `bool` | `true` | no |
| [event\_delivery\_logging\_success\_sample\_percentage](#input\_event\_delivery\_logging\_success\_sample\_percentage) | Enable caching of events to an S3 bucket | `number` | `0` | no |
| [external\_email\_domain](#input\_external\_email\_domain) | Externally managed domain used to create an SES identity for sending emails from. Validation DNS records will need to be manually configured in the DNS provider. | `string` | `null` | no |
@@ -53,7 +57,7 @@
| [amplify\_branch](#module\_amplify\_branch) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/v2.0.20/terraform-amp_branch.zip | n/a |
| [backend\_api](#module\_backend\_api) | ../../modules/backend-api | n/a |
| [download\_authorizer\_lambda](#module\_download\_authorizer\_lambda) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/v2.0.29/terraform-lambda.zip | n/a |
-| [eventpub](#module\_eventpub) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/3.0.4/terraform-eventpub.zip | n/a |
+| [eventpub](#module\_eventpub) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/3.0.6/terraform-eventpub.zip | n/a |
| [kms](#module\_kms) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/v2.0.20/terraform-kms.zip | n/a |
| [kms\_us\_east\_1](#module\_kms\_us\_east\_1) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/v2.0.20/terraform-kms.zip | n/a |
| [nhse\_backup\_vault](#module\_nhse\_backup\_vault) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/v2.0.25/terraform-aws-backup-source.zip | n/a |
diff --git a/infrastructure/terraform/components/app/module_eventpub.tf b/infrastructure/terraform/components/app/module_eventpub.tf
index 858fe8807..1c60d1060 100644
--- a/infrastructure/terraform/components/app/module_eventpub.tf
+++ b/infrastructure/terraform/components/app/module_eventpub.tf
@@ -1,6 +1,7 @@
module "eventpub" {
- source = "https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/3.0.4/terraform-eventpub.zip"
- name = "eventpub"
+ source = "https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/3.0.6/terraform-eventpub.zip"
+
+ name = "eventpub"
aws_account_id = var.aws_account_id
component = var.component
@@ -16,9 +17,14 @@ module "eventpub" {
enable_sns_delivery_logging = var.event_delivery_logging
sns_success_logging_sample_percent = var.event_delivery_logging_success_sample_percentage
+ access_logging_bucket = local.acct.s3_buckets["access_logs"]["id"]
data_plane_bus_arn = var.data_plane_bus_arn
control_plane_bus_arn = var.control_plane_bus_arn
- access_logging_bucket = local.acct.s3_buckets["access_logs"]["id"]
+ # CloudWatch Anomaly Detection for publishing
+ enable_event_anomaly_detection = var.enable_event_anomaly_detection
+ event_anomaly_band_width = var.event_anomaly_band_width
+ event_anomaly_evaluation_periods = var.event_anomaly_evaluation_periods
+ event_anomaly_period = var.event_anomaly_period
}
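Review bot: The four anomaly-detection inputs added at the end of the `eventpub` block tune when the alarm fires, but nothing in this hunk says where the alarm is routed once it does. Whether eventpub 3.0.6 attaches alarm actions internally is not visible from here, and an alarm with no action only changes state in the console, so a drop in publishing volume could go unnoticed. I would expand the comment to record this, for example `# CloudWatch anomaly detection for publishing; alarm routing is handled by <module/mechanism - confirm>`. If the module exposes an input for alarm actions, it should be passed here as well.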
diff --git a/infrastructure/terraform/components/app/variables.tf b/infrastructure/terraform/components/app/variables.tf
index 798032cb6..d9d2ec19c 100644
--- a/infrastructure/terraform/components/app/variables.tf
+++ b/infrastructure/terraform/components/app/variables.tf
@@ -225,3 +225,27 @@ variable "container_image_tag_suffix" {
description = "Suffix used for container/image based Lambda image tags"
default = "latest"
}
+
+variable "enable_event_anomaly_detection" {
+ type = bool
+ description = "Enable CloudWatch anomaly detection alarm for SNS message publishing. Detects abnormal drops or spikes in event publishing volume."
+ default = true
+}
+
+variable "event_anomaly_evaluation_periods" {
+ type = number
+ description = "Number of evaluation periods for the publishing anomaly alarm. Each period is defined by event_anomaly_period."
+ default = 3
+}
+
+variable "event_anomaly_period" {
+ type = number
+ description = "The period in seconds over which the specified statistic is applied for anomaly detection. Minimum 300 seconds (5 minutes). Recommended: 300-600."
+ default = 300
+}
+
+variable "event_anomaly_band_width" {
+ type = number
+ description = "The width of the anomaly detection band. Higher values (e.g. 4-6) reduce sensitivity and noise, lower values (e.g. 2-3) increase sensitivity. Recommended: 2-4."
+ default = 5
+}
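Review bot: `event_anomaly_band_width` defaults to `5`, which is outside the `Recommended: 2-4` range in its own description and at the less-sensitive end, so the alarm ships quieter than the documentation implies. Either set `default = 4` or correct the description. The description of `event_anomaly_period` states a 300-second minimum that nothing enforces, and `event_anomaly_evaluation_periods` accepts zero, negative and fractional values. A bad tfvars value would presumably surface only when the provider rejects it at apply time. Adding `validation` blocks to the three numeric variables fails the plan early instead; the fence shows the added lines.

```hcl
variable "event_anomaly_evaluation_periods" {
  # … unchanged: type, description, default …

  validation {
    condition     = var.event_anomaly_evaluation_periods >= 1 && floor(var.event_anomaly_evaluation_periods) == var.event_anomaly_evaluation_periods
    error_message = "event_anomaly_evaluation_periods must be a whole number of at least 1."
  }
}

variable "event_anomaly_period" {
  # … unchanged: type, description, default …

  validation {
    condition     = var.event_anomaly_period >= 300
    error_message = "event_anomaly_period must be at least 300 seconds."
  }
}

variable "event_anomaly_band_width" {
  # … unchanged: type, description, default …

  validation {
    condition     = var.event_anomaly_band_width > 0
    error_message = "event_anomaly_band_width must be greater than 0."
  }
}
```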
diff --git a/infrastructure/terraform/components/sbx/README.md b/infrastructure/terraform/components/sbx/README.md
index 2596ffca7..216eae80c 100644
--- a/infrastructure/terraform/components/sbx/README.md
+++ b/infrastructure/terraform/components/sbx/README.md
@@ -29,7 +29,7 @@
|------|--------|---------|
| [backend\_api](#module\_backend\_api) | ../../modules/backend-api | n/a |
| [cognito\_triggers](#module\_cognito\_triggers) | ../../modules/cognito-triggers | n/a |
-| [eventpub](#module\_eventpub) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/3.0.4/terraform-eventpub.zip | n/a |
+| [eventpub](#module\_eventpub) | https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/3.0.6/terraform-eventpub.zip | n/a |
## Outputs
| Name | Description |
diff --git a/infrastructure/terraform/components/sbx/module_eventpub.tf b/infrastructure/terraform/components/sbx/module_eventpub.tf
index acda7ed28..a8b2ab609 100644
--- a/infrastructure/terraform/components/sbx/module_eventpub.tf
+++ b/infrastructure/terraform/components/sbx/module_eventpub.tf
@@ -1,5 +1,5 @@
module "eventpub" {
- source = "https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/3.0.4/terraform-eventpub.zip"
+ source = "https://github.com/NHSDigital/nhs-notify-shared-modules/releases/download/3.0.6/terraform-eventpub.zip"
name = "eventpub"