Skip to content

Terraform repository used to deploy and manage a Cloud Intelligence framework

License

Notifications You must be signed in to change notification settings

appvia/terraform-aws-cudos

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Appvia Banner

Terraform Registry Latest Release Slack Community Contributors

Github Actions

Terraform AWS Cloud Intelligence Dashboards

CUDOS

Description

The purpose of this module is to deploy the AWS Cloud Intelligence Dashboards (CUDOS) framework. The framework is a collection of dashboards that provide insights into your AWS environment. The dashboards are built using AWS QuickSight and are designed to provide insights into your AWS environment.

Usage

Add example usage here

module "cudos_framework" {
  source = "../.."

  dashbords_bucket_name              = var.dashboard_bucket_name
  enable_compute_optimizer_dashboard = true
  enable_cost_intelligence_dashboard = true
  enable_cudos_dashboard             = true
  enable_cudos_v5_dashboard          = true
  enable_kpi_dashboard               = true
  enable_sso                         = true
  enable_tao_dashboard               = false
  saml_metadata                      = file("${path.module}/assets/saml-metadata.xml")
  quicksights_username               = var.quicksights_username
  tags                               = var.tags

  providers = {
    aws.management              = aws.management
    aws.management_us_east_1    = aws.management_us_east_1
    aws.cost_analysis           = aws.cost_analysis
    aws.cost_analysis_us_east_1 = aws.cost_analysis_us_east_1
  }
}

Deployment Architecture

The following is taken from the Cloud Intelligence Dashboards framework, and depicts the deployment architecture:

Deployment Architecture

References

Upgrading the dashboards

Due to the level of customization that can be done with the dashboards, it is recommended to follow the official documentation to upgrade the dashboards. The following steps are a general guide to upgrade the dashboards:

  1. Download the latest version of cid-cmd, the instructions can be found here
  2. Run the cic-cmd command to upgrade the dashboards, selecting each of the dashboards that you want to upgrade.
  3. Pay attention the Athena views, ensuring any customizations are not overwritten.

Update Documentation

The terraform-docs utility is used to generate this README. Follow the below steps to update:

  1. Make changes to the .terraform-docs.yml file
  2. Fetch the terraform-docs binary (https://terraform-docs.io/user-guide/installation/)
  3. Run terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .account

Enable Cora Data Exports

To enable the Cora Data Exports, please see https://catalog.workshops.aws/awscid/en-US/dashboards/additional/cora for more information, you simply have to enable the var.enable_cora_data_exports. This will deploy an additional cloudformation with the management account.

Providers

Name Version
aws ~> 5.0
aws.cost_analysis ~> 5.0
aws.management ~> 5.0

Inputs

Name Description Type Default Required
dashboards_bucket_name The name of the bucket to store the dashboards configurations string n/a yes
tags Tags to apply to all resources map(string) n/a yes
additional_payer_accounts List of additional payer accounts to be included in the collectors module list(string) [] no
enable_backup_module Indicates if the Backup module should be enabled bool true no
enable_budgets_module Indicates if the Budget module should be enabled bool true no
enable_compute_optimizer_dashboard Indicates if the Compute Optimizer dashboard should be enabled bool true no
enable_compute_optimizer_module Indicates if the Compute Optimizer module should be enabled bool true no
enable_cora_data_exports Indicates if the CORA Data Exports module should be enabled bool false no
enable_cost_anomaly_module Indicates if the Cost Anomaly module should be enabled bool true no
enable_cost_intelligence_dashboard Indicates if the Cost Intelligence dashboard should be enabled bool true no
enable_cudos_dashboard Indicates if the CUDOS dashboard should be enabled bool false no
enable_cudos_v5_dashboard Indicates if the CUDOS V5 framework should be enabled bool true no
enable_ecs_chargeback_module Indicates if the ECS Chargeback module should be enabled bool false no
enable_health_events Indicates if the Health Events module should be enabled bool true no
enable_inventory_module Indicates if the Inventory module should be enabled bool true no
enable_kpi_dashboard Indicates if the KPI dashboard should be enabled bool true no
enable_license_manager_module Indicates if the License Manager module should be enabled bool false no
enable_org_data_module Indicates if the Organization Data module should be enabled bool true no
enable_prerequisites_quicksight Indicates if the prerequisites for QuickSight should be enabled bool true no
enable_prerequisites_quicksight_permissions Indicates if the prerequisites for QuickSight permissions should be enabled bool true no
enable_quicksight_subscription Enable QuickSight subscription bool false no
enable_rds_utilization_module Indicates if the RDS Utilization module should be enabled bool true no
enable_rightsizing_module Indicates if the Rightsizing module should be enabled bool true no
enable_scad Indicates if the SCAD module should be enabled, only available when Cora enabled bool false no
enable_sso Enable integration with identity center for QuickSight bool true no
enable_tao_dashboard Indicates if the TAO dashboard should be enabled bool false no
enable_tao_module Indicates if the TAO module should be enabled bool true no
enable_transit_gateway_module Indicates if the Transit Gateway module should be enabled bool true no
quicksight_groups Map of groups with user membership to be added to QuickSight
map(object({
description = optional(string)
namespace = optional(string)
members = optional(list(string), [])
}))
{} no
quicksight_subscription_account_name The account name for the QuickSight quicksight_subscription edition string null no
quicksight_subscription_authentication_method The identity for the QuickSight quicksight_subscription edition string "IAM_AND_QUICKSIGHT" no
quicksight_subscription_edition The edition for the QuickSight quicksight_subscription string "ENTERPRISE" no
quicksight_subscription_email The email address for the QuickSight quicksight_subscription edition string null no
quicksight_users Map of user accounts to be registered in QuickSight
map(object({
identity_type = optional(string, "IAM")
namespace = optional(string, "default")
role = optional(string, "READER")
}))
{} no
quicksights_username The username for the QuickSight user string "admin" no
saml_metadata The configuration for the SAML identity provider string null no
stack_name_cloud_intelligence The name of the CloudFormation stack to create the dashboards string "CI-Cloud-Intelligence-Dashboards" no
stack_name_collectors The name of the CloudFormation stack to create the collectors string "CidDataCollectionStack" no
stack_name_cora_data_exports_destination The name of the CloudFormation stack to create the CORA Data Exports string "CidCoraCoraDataExportsDestinationStack" no
stack_name_cora_data_exports_source The name of the CloudFormation stack to create the CORA Data Exports string "CidCoraCoraDataExportsSourceStack" no
stack_name_read_permissions The name of the CloudFormation stack to create the collectors string "CidDataCollectionReadPermissionsStack" no
stacks_bucket_name The name of the bucket to store the CloudFormation templates string "cid-cloudformation-templates" no

Outputs

Name Description
cloudformation_bucket_arn The ARN of the bucket to store the CloudFormation templates
cloudformation_bucket_name The name of the bucket to store the CloudFormation templates
cloudformation_bucket_short_url The domain name of the bucket to store the CloudFormation templates
cloudformation_bucket_website_url The URL for the bucket to store the CloudFormation templates
destination_account_id The account ID of the destination bucket
destination_bucket_arn The ARN of the destination bucket
destination_bucket_name The name of the destination bucket
destination_bucket_short_url The domain name of the destination bucket
destination_bucket_website_url The URL for the destination bucket
source_account_id The account ID of the source account i.e. the management account