AWS Observability Accelerator for Terraform
Welcome to the AWS Observability Accelerator for Terraform!
The AWS Observability accelerator for Terraform is a set of modules to help you configure Observability for your Amazon EKS clusters with AWS Observability services. This project proposes a core module to bootstrap your cluster with the AWS Distro for OpenTelemetry (ADOT) Operator for EKS, Amazon Managed Service for Prometheus, Amazon Managed Grafana. Additionally we have a set of workloads modules to leverage curated ADOT collector configurations, Grafana dashboards, Prometheus recording rules and alerts.
Documentation
To explore the complete project documentation, please visit our documentation site.
Getting started
To quickstart with a complete workflow and view Amazon EKS infrastructure dashboards, visit the Amazon EKS cluster monitoring documentation
How it works
The sections below demonstrate how you can leverage AWS Observability Accelerator to enable monitoring to an existing EKS cluster.
Base Module
The base module allows you to configure the AWS Observability services for your cluster and the AWS Distro for OpenTelemetry (ADOT) Operator as the signals collection mechanism.
This is the minimum configuration to have a new Amazon Managed Service for Prometheus Workspace and ADOT Operator deployed for you and ready to receive your data. The base module serve as an anchor to the workload modules and cannot run on its own.
module "eks_observability_accelerator" {
# use release tags and check for the latest versions
# https://github.com/aws-observability/terraform-aws-observability-accelerator/releases
source = "github.com/aws-observability/terraform-aws-observability-accelerator?ref=v1.6.1"
aws_region = "eu-west-1"
eks_cluster_id = "my-eks-cluster"
# As Grafana shares a different lifecycle, it's best to use an existing workspace.
managed_grafana_workspace_id = var.managed_grafana_workspace_id
grafana_api_key = var.grafana_api_key
}You can optionally reuse an existing Amazon Managed Servce for Prometheus Workspace:
module "eks_observability_accelerator" {
# use release tags and check for the latest versions
# https://github.com/aws-observability/terraform-aws-observability-accelerator/releases
source = "github.com/aws-observability/terraform-aws-observability-accelerator?ref=v1.6.1"
aws_region = "eu-west-1"
eks_cluster_id = "my-eks-cluster"
# prevents creation of a new Amazon Managed Prometheus workspace
enable_managed_prometheus = false
# reusing existing Amazon Managed Prometheus Workspace
managed_prometheus_workspace_id = "ws-abcd123..."
managed_grafana_workspace_id = "g-abcdef123"
grafana_api_key = var.grafana_api_key
}View all the configuration options in the module documentation below.
Workload modules
Workloads modules are provided, which essentially provide curated metrics collection, alerting rule and Grafana dashboards.
Infrastructure monitoring
module "workloads_infra" {
source = "aws-observability/terraform-aws-observability-accelerator/workloads/infra"
eks_cluster_id = module.eks_observability_accelerator.eks_cluster_id
dashboards_folder_id = module.eks_observability_accelerator.grafana_dashboards_folder_id
managed_prometheus_workspace_id = module.eks_observability_accelerator.managed_prometheus_workspace_id
managed_prometheus_workspace_endpoint = module.eks_observability_accelerator.managed_prometheus_workspace_endpoint
managed_prometheus_workspace_region = module.eks_observability_accelerator.managed_prometheus_workspace_region
}Grafana Dashboards
Check the the complete example
Motivation
Kubernetes is a powerful and extensible container orchestration technology that allows you to deploy and manage containerized applications at scale. The extensible nature of Kubernetes also allows you to use a wide range of popular open-source tools, commonly referred to as add-ons, in Kubernetes clusters. With such a large number of tools and design choices available, building a tailored EKS cluster that meets your application’s specific needs can take a significant amount of time. It involves integrating a wide range of open-source tools and AWS services and requires deep expertise in AWS and Kubernetes.
AWS customers have asked for examples that demonstrate how to integrate the landscape of Kubernetes tools and make it easy for them to provision complete, opinionated EKS clusters that meet specific application requirements. Customers can use AWS Observability Accelerator to configure and deploy purpose built EKS clusters, and start onboarding workloads in days, rather than months.
Support & Feedback
AWS Observability Accelerator for Terraform is maintained by AWS Solution Architects. It is not part of an AWS service and support is provided best-effort by the AWS Observability Accelerator community.
To post feedback, submit feature ideas, or report bugs, please use the Issues section of this GitHub repo.
If you are interested in contributing, see the Contribution guide.
Requirements
| Name | Version |
|---|---|
| terraform | >= 1.1.0 |
| aws | >= 4.0.0 |
| awscc | >= 0.24.0 |
| grafana | 1.25.0 |
Providers
| Name | Version |
|---|---|
| aws | >= 4.0.0 |
| grafana | 1.25.0 |
Modules
| Name | Source | Version |
|---|---|---|
| managed_grafana | terraform-aws-modules/managed-service-grafana/aws | ~> 1.3 |
| operator | ./modules/add-ons/adot-operator | n/a |
Resources
| Name | Type |
|---|---|
| aws_prometheus_alert_manager_definition.this | resource |
| aws_prometheus_workspace.this | resource |
| grafana_data_source.amp | resource |
| grafana_folder.this | resource |
| aws_caller_identity.current | data source |
| aws_eks_cluster.eks_cluster | data source |
| aws_grafana_workspace.this | data source |
| aws_partition.current | data source |
| aws_region.current | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aws_region | AWS Region | string |
n/a | yes |
| eks_cluster_id | Name of the EKS cluster | string |
n/a | yes |
| enable_alertmanager | Creates Amazon Managed Service for Prometheus AlertManager for all workloads | bool |
false |
no |
| enable_amazon_eks_adot | Enables the ADOT Operator on the EKS Cluster | bool |
true |
no |
| enable_cert_manager | Allow reusing an existing installation of cert-manager | bool |
true |
no |
| enable_managed_grafana | Creates a new Amazon Managed Grafana Workspace | bool |
true |
no |
| enable_managed_prometheus | Creates a new Amazon Managed Service for Prometheus Workspace | bool |
true |
no |
| grafana_api_key | Grafana API key for the Amazon Managed Grafana workspace | string |
n/a | yes |
| irsa_iam_permissions_boundary | IAM permissions boundary for IRSA roles | string |
null |
no |
| irsa_iam_role_path | IAM role path for IRSA roles | string |
"/" |
no |
| managed_grafana_workspace_id | Amazon Managed Grafana Workspace ID | string |
"" |
no |
| managed_prometheus_workspace_id | Amazon Managed Service for Prometheus Workspace ID | string |
"" |
no |
| managed_prometheus_workspace_region | Region where Amazon Managed Service for Prometheus is deployed | string |
null |
no |
| tags | Additional tags (e.g. map('BusinessUnit,XYZ) |
map(string) |
{} |
no |
Outputs
| Name | Description |
|---|---|
| aws_region | AWS Region |
| eks_cluster_id | EKS Cluster Id |
| eks_cluster_version | EKS Cluster version |
| grafana_dashboards_folder_id | Grafana folder ID for automatic dashboards. Required by workload modules |
| managed_grafana_workspace_endpoint | Amazon Managed Grafana workspace endpoint |
| managed_grafana_workspace_id | Amazon Managed Grafana workspace ID |
| managed_prometheus_workspace_endpoint | Amazon Managed Prometheus workspace endpoint |
| managed_prometheus_workspace_id | Amazon Managed Prometheus workspace ID |
| managed_prometheus_workspace_region | Amazon Managed Prometheus workspace region |
Contributing
See CONTRIBUTING for more information.
License
Apache-2.0 Licensed. See LICENSE.