groups:

- name: EmbeddedExporter

  rules:

    - alert: VaultSealed
      expr: 'vault_core_unsealed == 0'
      for: 0m
      labels:
        severity: critical
      annotations:
        summary: Vault sealed (instance {{ $labels.instance }})
        description: "Vault instance is sealed on {{ $labels.instance }}\n  VALUE = {{ $value }}\n  LABELS = {{ $labels }}"

    - alert: VaultTooManyPendingTokens
      expr: 'avg(vault_token_create_count - vault_token_store_count) > 0'
      for: 5m
      labels:
        severity: warning
      annotations:
        summary: Vault too many pending tokens (instance {{ $labels.instance }})
        description: "Too many pending tokens {{ $labels.instance }}: {{ $value | printf \"%.2f\"}}%\n  VALUE = {{ $value }}\n  LABELS = {{ $labels }}"

    - alert: VaultTooManyInfinityTokens
      expr: 'vault_token_count_by_ttl{creation_ttl="+Inf"} > 3'
      for: 5m
      labels:
        severity: warning
      annotations:
        summary: Vault too many infinity tokens (instance {{ $labels.instance }})
        description: "Too many infinity tokens {{ $labels.instance }}: {{ $value | printf \"%.2f\"}}%\n  VALUE = {{ $value }}\n  LABELS = {{ $labels }}"

    - alert: VaultClusterHealth
      expr: 'sum(vault_core_active) / count(vault_core_active) <= 0.5'
      for: 0m
      labels:
        severity: critical
      annotations:
        summary: Vault cluster health (instance {{ $labels.instance }})
        description: "Vault cluster is not healthy {{ $labels.instance }}: {{ $value | printf \"%.2f\"}}%\n  VALUE = {{ $value }}\n  LABELS = {{ $labels }}"