From 1de06bb1990ce44f28d6513153b6334fa3b589db Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Wed, 9 Oct 2024 13:26:07 +0000 Subject: [PATCH 01/23] :wrench: Add Athena Data Source --- .../environment-configurations.tf | 20 +++++++++++++++++++ .../modules/grafana/athena-source/main.tf | 19 ++++++++++++++++++ .../grafana/athena-source/providers.tf | 9 +++++++++ .../grafana/athena-source/variables.tf | 16 +++++++++++++++ .../modules/grafana/team/variables.tf | 3 +++ .../tenant-configuration/main.tf | 11 ++++++++++ .../tenant-configuration/variables.tf | 2 ++ 7 files changed, 80 insertions(+) create mode 100644 terraform/environments/observability-platform/modules/grafana/athena-source/main.tf create mode 100644 terraform/environments/observability-platform/modules/grafana/athena-source/providers.tf create mode 100644 terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf diff --git a/terraform/environments/observability-platform/environment-configurations.tf b/terraform/environments/observability-platform/environment-configurations.tf index b3413d34e24..3c71c1f3e85 100644 --- a/terraform/environments/observability-platform/environment-configurations.tf +++ b/terraform/environments/observability-platform/environment-configurations.tf @@ -13,6 +13,7 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = true + athena_enabled = false } } }, @@ -24,6 +25,7 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = true + athena_enabled = false }, "analytical-platform-compute-development" = { cloudwatch_enabled = true @@ -31,6 +33,7 @@ locals { amazon_prometheus_query_enabled = true amazon_prometheus_workspace_id = "ws-bfdd5d7a-5571-4686-bfd4-43ab07cf8d54ba" xray_enabled = true + athena_enabled = false }, "analytical-platform-compute-test" = { cloudwatch_enabled = true @@ -38,6 +41,7 @@ locals { amazon_prometheus_query_enabled = true amazon_prometheus_workspace_id = "ws-a9d7f576-58b7-4748-b4c1-b02bbdc54a2922" xray_enabled = true + athena_enabled = false } } }, @@ -49,6 +53,7 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false } } }, @@ -60,18 +65,21 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false }, "digital-prison-reporting-preproduction" = { cloudwatch_enabled = true prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false }, "digital-prison-reporting-test" = { cloudwatch_enabled = true prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false } } }, @@ -83,12 +91,14 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false } "oasys-test" = { cloudwatch_enabled = true prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false } } } @@ -107,6 +117,7 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = true + athena_enabled = false } } }, @@ -118,6 +129,7 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = true + athena_enabled = false }, "analytical-platform-compute-production" = { cloudwatch_enabled = true @@ -125,6 +137,7 @@ locals { amazon_prometheus_query_enabled = true amazon_prometheus_workspace_id = "ws-257796b7-4aa4-4c18-b906-6dd21e95d7b73e" xray_enabled = true + athena_enabled = false }, "analytical-platform-production" = { cloudwatch_enabled = true @@ -132,6 +145,7 @@ locals { amazon_prometheus_query_enabled = true amazon_prometheus_workspace_id = "ws-a7b353be-244a-47e7-8054-436b41c050d932" xray_enabled = false + athena_enabled = false } } }, @@ -143,6 +157,7 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false } } }, @@ -155,30 +170,35 @@ locals { prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false }, "core-logging-production" = { cloudwatch_enabled = true prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = true }, "core-security-production" = { cloudwatch_enabled = true prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false }, "core-shared-services-production" = { cloudwatch_enabled = true prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false }, "core-vpc-production" = { cloudwatch_enabled = true prometheus_push_enabled = false amazon_prometheus_query_enabled = false xray_enabled = false + athena_enabled = false } } } diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf new file mode 100644 index 00000000000..73c09047dfe --- /dev/null +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf @@ -0,0 +1,19 @@ +locals { + name = "${var.name}-athena" +} +data "grafana_data_source" "this" { + count = var.athena_enabled ? 1 : 0 + name = "${var.name}-athena" +} +resource "grafana_data_source" "this" { + type = "athena" + name = local.name + json_data_encoded = jsonencode({ + defaultRegion = "eu-west-2" + authType = "ec2_iam_role" + assumeRoleArn = "arn:aws:iam::${var.account_id}:role/observability-platform" + externalId = var.name + database = var.athena_database + workgroup = var.athena_workgroup + }) +} diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/providers.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/providers.tf new file mode 100644 index 00000000000..516d493291f --- /dev/null +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/providers.tf @@ -0,0 +1,9 @@ +terraform { + required_providers { + grafana = { + source = "grafana/grafana" + version = "~> 3.0" + } + } + required_version = "~> 1.0" +} diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf new file mode 100644 index 00000000000..bdbdbd010fa --- /dev/null +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf @@ -0,0 +1,16 @@ +variable "name" { + type = string +} +variable "account_id" { + type = string +} +variable "athena_enabled" { + type = bool + default = false +} +variable "athena_database" { + type = string +} +variable "athena_workgroup" { + type = string +} diff --git a/terraform/environments/observability-platform/modules/grafana/team/variables.tf b/terraform/environments/observability-platform/modules/grafana/team/variables.tf index efed6445fcc..aeb472edd63 100644 --- a/terraform/environments/observability-platform/modules/grafana/team/variables.tf +++ b/terraform/environments/observability-platform/modules/grafana/team/variables.tf @@ -11,5 +11,8 @@ variable "aws_accounts" { cloudwatch_enabled = optional(bool) xray_enabled = optional(bool) amazon_prometheus_query_enabled = optional(bool) + athena_enabled = optional(bool) })) } + + diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index 637d7d604d5..b40c7400509 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -36,6 +36,17 @@ module "amazon_prometheus_query_source" { amazon_prometheus_workspace_id = each.value.amazon_prometheus_workspace_id } +module "athena_source" { + for_each = { + for name, account in var.aws_accounts : name => account if account.athena_enabled + } + source = "../../grafana/athena-source" + name = each.key + account_id = var.environment_management.account_ids[each.key] + athena_database = "" + athena_workgroup = "" +} + module "prometheus_push" { for_each = { for name, account in var.aws_accounts : name => account if account.prometheus_push_enabled diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf index 6e55539a48b..cce4e9548bd 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf @@ -18,6 +18,7 @@ variable "aws_accounts" { amazon_prometheus_query_enabled = optional(bool) amazon_prometheus_workspace_id = optional(string) xray_enabled = optional(bool) + athena_enabled = optional(bool) })) default = { default = { @@ -26,6 +27,7 @@ variable "aws_accounts" { amazon_prometheus_query_enabled = false amazon_prometheus_workspace_id = "" xray_enabled = false + athena_enabled = false } } } From 850864d1bf6323ff8560c2e612e53a21f4d03534 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Wed, 9 Oct 2024 14:13:12 +0000 Subject: [PATCH 02/23] :wrench: Modify for multiple Athena Data Sources --- .../environment-configurations.tf | 6 ++++++ .../modules/grafana/athena-source/main.tf | 4 ++-- .../modules/grafana/athena-source/variables.tf | 15 ++++++++++----- .../tenant-configuration/main.tf | 9 ++++----- 4 files changed, 22 insertions(+), 12 deletions(-) diff --git a/terraform/environments/observability-platform/environment-configurations.tf b/terraform/environments/observability-platform/environment-configurations.tf index 3c71c1f3e85..e69b99396a7 100644 --- a/terraform/environments/observability-platform/environment-configurations.tf +++ b/terraform/environments/observability-platform/environment-configurations.tf @@ -178,6 +178,12 @@ locals { amazon_prometheus_query_enabled = false xray_enabled = false athena_enabled = true + athena_config = { + athena_source = { + database = "data" + workgroup = "mod-platform-cur-reports" + } + } }, "core-security-production" = { cloudwatch_enabled = true diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf index 73c09047dfe..d38dc998eda 100644 --- a/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf @@ -13,7 +13,7 @@ resource "grafana_data_source" "this" { authType = "ec2_iam_role" assumeRoleArn = "arn:aws:iam::${var.account_id}:role/observability-platform" externalId = var.name - database = var.athena_database - workgroup = var.athena_workgroup + database = var.athena_config.athena_source.database + workgroup = var.athena_config.athena_source.workgroup }) } diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf index bdbdbd010fa..cab1c8ced92 100644 --- a/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf @@ -1,16 +1,21 @@ variable "name" { type = string } + variable "account_id" { type = string } + variable "athena_enabled" { type = bool default = false } -variable "athena_database" { - type = string -} -variable "athena_workgroup" { - type = string + +variable "athena_config" { + type = map(object({ + athena_source = object({ + database = string + workgroup = string + }) + })) } diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index b40c7400509..ad9e4b014d2 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -40,11 +40,10 @@ module "athena_source" { for_each = { for name, account in var.aws_accounts : name => account if account.athena_enabled } - source = "../../grafana/athena-source" - name = each.key - account_id = var.environment_management.account_ids[each.key] - athena_database = "" - athena_workgroup = "" + source = "../../grafana/athena-source" + name = each.key + account_id = var.environment_management.account_ids[each.key] + athena_config = try(each.value.athena_config, {}) } module "prometheus_push" { From 5342c52e0fe52db33203eb2927dd1e7682d7b1a1 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Wed, 9 Oct 2024 14:32:37 +0000 Subject: [PATCH 03/23] :recycle: Refactor --- .../modules/grafana/athena-source/main.tf | 10 +++++++--- .../modules/grafana/athena-source/variables.tf | 6 ++---- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf index d38dc998eda..ec293e358e6 100644 --- a/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf @@ -1,19 +1,23 @@ locals { name = "${var.name}-athena" } + data "grafana_data_source" "this" { count = var.athena_enabled ? 1 : 0 name = "${var.name}-athena" } + resource "grafana_data_source" "this" { + for_each = var.athena_config + type = "athena" - name = local.name + name = "${local.name}-${each.key}" json_data_encoded = jsonencode({ defaultRegion = "eu-west-2" authType = "ec2_iam_role" assumeRoleArn = "arn:aws:iam::${var.account_id}:role/observability-platform" externalId = var.name - database = var.athena_config.athena_source.database - workgroup = var.athena_config.athena_source.workgroup + database = each.value.database + workgroup = each.value.workgroup }) } diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf index cab1c8ced92..91e71b0663f 100644 --- a/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf @@ -13,9 +13,7 @@ variable "athena_enabled" { variable "athena_config" { type = map(object({ - athena_source = object({ - database = string - workgroup = string - }) + database = string + workgroup = string })) } From 19b76a4e70f4aa504f2a302b839e98676d46782f Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 10:25:49 +0000 Subject: [PATCH 04/23] :recycle: Refactor --- .../observability-platform/environment-configurations.tf | 2 +- .../observability-platform/tenant-configuration/main.tf | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/terraform/environments/observability-platform/environment-configurations.tf b/terraform/environments/observability-platform/environment-configurations.tf index e69b99396a7..011bd6105bc 100644 --- a/terraform/environments/observability-platform/environment-configurations.tf +++ b/terraform/environments/observability-platform/environment-configurations.tf @@ -179,7 +179,7 @@ locals { xray_enabled = false athena_enabled = true athena_config = { - athena_source = { + mod-platform-cur-reports = { database = "data" workgroup = "mod-platform-cur-reports" } diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index ad9e4b014d2..8d0104deea1 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -40,10 +40,12 @@ module "athena_source" { for_each = { for name, account in var.aws_accounts : name => account if account.athena_enabled } - source = "../../grafana/athena-source" + + source = "../../grafana/athena-source" + name = each.key account_id = var.environment_management.account_ids[each.key] - athena_config = try(each.value.athena_config, {}) + athena_config = each.value.athena_config } module "prometheus_push" { From 3941aaaeb8d18590df8f750b96e0cf6ba61518a1 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 10:29:32 +0000 Subject: [PATCH 05/23] :wrench: Add try --- .../modules/observability-platform/tenant-configuration/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index 8d0104deea1..9fde48e7d7a 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -45,7 +45,7 @@ module "athena_source" { name = each.key account_id = var.environment_management.account_ids[each.key] - athena_config = each.value.athena_config + athena_config = try(each.value.athena_config, {}) } module "prometheus_push" { From 093ae58c3d5e721b4cce1bb22c5a0fb91cb23746 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 10:43:18 +0000 Subject: [PATCH 06/23] :pencil: Attempt 1 --- .../observability-platform/tenant-configuration/variables.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf index cce4e9548bd..d5fa3733113 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf @@ -19,6 +19,7 @@ variable "aws_accounts" { amazon_prometheus_workspace_id = optional(string) xray_enabled = optional(bool) athena_enabled = optional(bool) + athena_config = optional(map(object)) })) default = { default = { From 5e4fcda76f00c946804f0a616bfee5025e73feae Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 10:46:02 +0000 Subject: [PATCH 07/23] :recycle: Refactor --- .../observability-platform/tenant-configuration/variables.tf | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf index d5fa3733113..0fe0ba87859 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/variables.tf @@ -19,7 +19,10 @@ variable "aws_accounts" { amazon_prometheus_workspace_id = optional(string) xray_enabled = optional(bool) athena_enabled = optional(bool) - athena_config = optional(map(object)) + athena_config = optional(map(object({ + database = string + workgroup = string + }))) })) default = { default = { From 25feee442e49abad8b51e2349477809bc31429a7 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 11:23:14 +0000 Subject: [PATCH 08/23] :wrench: TEST --- .../environment-configurations.tf | 4 ++++ .../modules/grafana/team/main.tf | 21 +++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/terraform/environments/observability-platform/environment-configurations.tf b/terraform/environments/observability-platform/environment-configurations.tf index 011bd6105bc..ebe069be956 100644 --- a/terraform/environments/observability-platform/environment-configurations.tf +++ b/terraform/environments/observability-platform/environment-configurations.tf @@ -182,6 +182,10 @@ locals { mod-platform-cur-reports = { database = "data" workgroup = "mod-platform-cur-reports" + }, + gary-test = { + database = "test-database" + workgroup = "test-workgroup" } } }, diff --git a/terraform/environments/observability-platform/modules/grafana/team/main.tf b/terraform/environments/observability-platform/modules/grafana/team/main.tf index 0bff958d733..f3fd08874c1 100644 --- a/terraform/environments/observability-platform/modules/grafana/team/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/team/main.tf @@ -55,6 +55,27 @@ resource "grafana_data_source_permission" "xray" { } } +data "grafana_data_source" "athena" { + for_each = { + for name, config in var.aws_accounts.athena_config : name => config if config.athena_enabled + } + + name = "${each.key}-athena" +} + +resource "grafana_data_source_permission" "athena" { + for_each = { + for name, config in var.aws_accounts.athena_config : name => config if config.athena_enabled + } + + datasource_uid = trimprefix(data.grafana_data_source.athena[each.key].id, "1:") + + permissions { + team_id = grafana_team.this.id + permission = "Query" + } +} + data "grafana_data_source" "amazon_prometheus" { for_each = { for name, account in var.aws_accounts : name => account if account.amazon_prometheus_query_enabled From 59e362845fdc5ba8afd4e0d3a920974391e35465 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 11:30:29 +0000 Subject: [PATCH 09/23] :wrench: TEST2 --- .../observability-platform/modules/grafana/team/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/environments/observability-platform/modules/grafana/team/main.tf b/terraform/environments/observability-platform/modules/grafana/team/main.tf index f3fd08874c1..504946e2967 100644 --- a/terraform/environments/observability-platform/modules/grafana/team/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/team/main.tf @@ -57,7 +57,7 @@ resource "grafana_data_source_permission" "xray" { data "grafana_data_source" "athena" { for_each = { - for name, config in var.aws_accounts.athena_config : name => config if config.athena_enabled + for name, config in var.aws_accounts : name => config.athena_config if config.athena_enabled } name = "${each.key}-athena" @@ -65,7 +65,7 @@ data "grafana_data_source" "athena" { resource "grafana_data_source_permission" "athena" { for_each = { - for name, config in var.aws_accounts.athena_config : name => config if config.athena_enabled + for name, config in var.aws_accounts : name => config.athena_config if config.athena_enabled } datasource_uid = trimprefix(data.grafana_data_source.athena[each.key].id, "1:") From ee5fba8c38b8c2aa87d1b7286e450c8637204674 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 11:36:39 +0000 Subject: [PATCH 10/23] :wrench: TEST --- .../observability-platform/modules/grafana/team/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/environments/observability-platform/modules/grafana/team/main.tf b/terraform/environments/observability-platform/modules/grafana/team/main.tf index 504946e2967..9eed470a980 100644 --- a/terraform/environments/observability-platform/modules/grafana/team/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/team/main.tf @@ -57,7 +57,7 @@ resource "grafana_data_source_permission" "xray" { data "grafana_data_source" "athena" { for_each = { - for name, config in var.aws_accounts : name => config.athena_config if config.athena_enabled + for name, config in var.aws_accounts : name => config.athena_config if config.athena_enabled && contains(keys(config), "athena_config") } name = "${each.key}-athena" @@ -65,7 +65,7 @@ data "grafana_data_source" "athena" { resource "grafana_data_source_permission" "athena" { for_each = { - for name, config in var.aws_accounts : name => config.athena_config if config.athena_enabled + for name, config in var.aws_accounts : name => config.athena_config if config.athena_enabled && contains(keys(config), "athena_config") } datasource_uid = trimprefix(data.grafana_data_source.athena[each.key].id, "1:") From cfe8a4fc8410806e6696765e4f50794ecfc6b7a8 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 11:42:48 +0000 Subject: [PATCH 11/23] :wrench: Revert to cleaner, still incorrect code --- .../observability-platform/modules/grafana/team/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/environments/observability-platform/modules/grafana/team/main.tf b/terraform/environments/observability-platform/modules/grafana/team/main.tf index 9eed470a980..f3fd08874c1 100644 --- a/terraform/environments/observability-platform/modules/grafana/team/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/team/main.tf @@ -57,7 +57,7 @@ resource "grafana_data_source_permission" "xray" { data "grafana_data_source" "athena" { for_each = { - for name, config in var.aws_accounts : name => config.athena_config if config.athena_enabled && contains(keys(config), "athena_config") + for name, config in var.aws_accounts.athena_config : name => config if config.athena_enabled } name = "${each.key}-athena" @@ -65,7 +65,7 @@ data "grafana_data_source" "athena" { resource "grafana_data_source_permission" "athena" { for_each = { - for name, config in var.aws_accounts : name => config.athena_config if config.athena_enabled && contains(keys(config), "athena_config") + for name, config in var.aws_accounts.athena_config : name => config if config.athena_enabled } datasource_uid = trimprefix(data.grafana_data_source.athena[each.key].id, "1:") From 4ad333eb8a9222bb0be12371aa88b9f28664a997 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 10 Oct 2024 12:38:03 +0000 Subject: [PATCH 12/23] :wrench: Another rever --- .../observability-platform/modules/grafana/team/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/environments/observability-platform/modules/grafana/team/main.tf b/terraform/environments/observability-platform/modules/grafana/team/main.tf index f3fd08874c1..93178314dd9 100644 --- a/terraform/environments/observability-platform/modules/grafana/team/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/team/main.tf @@ -57,7 +57,7 @@ resource "grafana_data_source_permission" "xray" { data "grafana_data_source" "athena" { for_each = { - for name, config in var.aws_accounts.athena_config : name => config if config.athena_enabled + for name, config in var.aws_accounts.athena_config : name => config if config.enabled } name = "${each.key}-athena" @@ -65,7 +65,7 @@ data "grafana_data_source" "athena" { resource "grafana_data_source_permission" "athena" { for_each = { - for name, config in var.aws_accounts.athena_config : name => config if config.athena_enabled + for name, config in var.aws_accounts.athena_config : name => config if config.enabled } datasource_uid = trimprefix(data.grafana_data_source.athena[each.key].id, "1:") From 5eb93e39e9594dab319ddd1b8cd66c29351c174b Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Thu, 17 Oct 2024 15:49:42 +0000 Subject: [PATCH 13/23] :wrench: plz plz plz --- .../modules/grafana/team/main.tf | 9 +++++++-- .../tenant-configuration/main.tf | 20 ++++++++++++++++--- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/terraform/environments/observability-platform/modules/grafana/team/main.tf b/terraform/environments/observability-platform/modules/grafana/team/main.tf index 93178314dd9..c42472d1047 100644 --- a/terraform/environments/observability-platform/modules/grafana/team/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/team/main.tf @@ -57,15 +57,20 @@ resource "grafana_data_source_permission" "xray" { data "grafana_data_source" "athena" { for_each = { - for name, config in var.aws_accounts.athena_config : name => config if config.enabled + for name, config in var.aws_accounts : name => config if config.athena_enabled } + # for_each = { + # for name, config in var.accounts : + # for name, athena_config in config : name => config if config.enabled + # } + name = "${each.key}-athena" } resource "grafana_data_source_permission" "athena" { for_each = { - for name, config in var.aws_accounts.athena_config : name => config if config.enabled + for name, config in var.aws_accounts : name => config if config.athena_enabled } datasource_uid = trimprefix(data.grafana_data_source.athena[each.key].id, "1:") diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index 9fde48e7d7a..016bc1a42ca 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -36,15 +36,28 @@ module "amazon_prometheus_query_source" { amazon_prometheus_workspace_id = each.value.amazon_prometheus_workspace_id } +locals { + flattened_athena_configs = flatten([ + for env_name, env_data in var.aws_accounts : [ + for config_name, config_data in try(env_data.athena_config, {}) : { + key = "${env_name}-${config_name}" + account_id = var.environment_management.account_ids[env_name] + database = config_data.database + workgroup = config_data.workgroup + } + ] if env_data.athena_enabled == true + ]) +} + module "athena_source" { for_each = { - for name, account in var.aws_accounts : name => account if account.athena_enabled + for config in local.flattened_athena_configs : config.key => config } source = "../../grafana/athena-source" name = each.key - account_id = var.environment_management.account_ids[each.key] + account_id = each.value.account_id athena_config = try(each.value.athena_config, {}) } @@ -73,6 +86,7 @@ module "team" { depends_on = [ module.xray_source, module.cloudwatch_source, - module.amazon_prometheus_query_source + module.amazon_prometheus_query_source, + module.athena_source ] } From ae47d06a919acdd18965eda86b97a114e7d38976 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Mon, 21 Oct 2024 14:29:41 +0000 Subject: [PATCH 14/23] :wrench: Refactor --- .../observability-platform/modules/grafana/team/main.tf | 5 ----- .../observability-platform/tenant-configuration/main.tf | 8 +++----- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/terraform/environments/observability-platform/modules/grafana/team/main.tf b/terraform/environments/observability-platform/modules/grafana/team/main.tf index c42472d1047..ccdc31cc897 100644 --- a/terraform/environments/observability-platform/modules/grafana/team/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/team/main.tf @@ -60,11 +60,6 @@ data "grafana_data_source" "athena" { for name, config in var.aws_accounts : name => config if config.athena_enabled } - # for_each = { - # for name, config in var.accounts : - # for name, athena_config in config : name => config if config.enabled - # } - name = "${each.key}-athena" } diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index 016bc1a42ca..dde10cbd70a 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -50,15 +50,13 @@ locals { } module "athena_source" { - for_each = { - for config in local.flattened_athena_configs : config.key => config - } + for_each = local.flattened_athena_configs source = "../../grafana/athena-source" - name = each.key + name = each.value.key account_id = each.value.account_id - athena_config = try(each.value.athena_config, {}) + athena_config = try(each.value, {}) } module "prometheus_push" { From 58e075e8415ccff3629d52471eadaeca477195e9 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Mon, 21 Oct 2024 14:55:24 +0000 Subject: [PATCH 15/23] :wrench: Resolve empty tuple error --- .../modules/observability-platform/tenant-configuration/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index dde10cbd70a..2ef212aad0d 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -50,7 +50,7 @@ locals { } module "athena_source" { - for_each = local.flattened_athena_configs + for_each = toset(local.flattened_athena_configs) source = "../../grafana/athena-source" From 31182e49517781ec7c9c1b8befb376e5e73b579c Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Mon, 21 Oct 2024 15:33:23 +0000 Subject: [PATCH 16/23] :wrench: Add nonsensitive --- .../modules/observability-platform/tenant-configuration/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index 2ef212aad0d..2ef6f59258f 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -55,7 +55,7 @@ module "athena_source" { source = "../../grafana/athena-source" name = each.value.key - account_id = each.value.account_id + account_id = nonsensitive(each.value.account_id) athena_config = try(each.value, {}) } From 8d4ce1eb44ab609d67856106db70dd7a8f463e18 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Mon, 21 Oct 2024 15:46:00 +0000 Subject: [PATCH 17/23] : --- .../observability-platform/tenant-configuration/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index 2ef6f59258f..a59a9df6044 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -41,7 +41,7 @@ locals { for env_name, env_data in var.aws_accounts : [ for config_name, config_data in try(env_data.athena_config, {}) : { key = "${env_name}-${config_name}" - account_id = var.environment_management.account_ids[env_name] + account_id = nonsensitive(var.environment_management.account_ids[env_name]) database = config_data.database workgroup = config_data.workgroup } @@ -55,7 +55,7 @@ module "athena_source" { source = "../../grafana/athena-source" name = each.value.key - account_id = nonsensitive(each.value.account_id) + account_id = each.value.account_id athena_config = try(each.value, {}) } From 85ff8af7843291e86844fb37b373e6d97d43981b Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Mon, 21 Oct 2024 15:51:21 +0000 Subject: [PATCH 18/23] :wrench: for_each changes --- .../observability-platform/tenant-configuration/main.tf | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index a59a9df6044..fee8d043d42 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -50,11 +50,13 @@ locals { } module "athena_source" { - for_each = toset(local.flattened_athena_configs) + for_each = { + for config in local.flattened_athena_configs : config.key => config + } source = "../../grafana/athena-source" - name = each.value.key + name = each.key account_id = each.value.account_id athena_config = try(each.value, {}) } From 3d57dd772612ae4f5ca3b42704b4eaa352fb890f Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Mon, 21 Oct 2024 15:55:40 +0000 Subject: [PATCH 19/23] :wrench: There was an attempt --- .../modules/observability-platform/tenant-configuration/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index fee8d043d42..27c803389d0 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -58,7 +58,7 @@ module "athena_source" { name = each.key account_id = each.value.account_id - athena_config = try(each.value, {}) + athena_config = try(each, {}) } module "prometheus_push" { From f3fc11f537b51f7bc0a368196e5530be90f9a87a Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Mon, 21 Oct 2024 16:12:33 +0000 Subject: [PATCH 20/23] :wrench: Refactor --- .../modules/grafana/athena-source/main.tf | 8 +++----- .../modules/grafana/athena-source/variables.tf | 11 ++++++----- .../tenant-configuration/main.tf | 7 ++++--- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf index ec293e358e6..178162769af 100644 --- a/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/main.tf @@ -8,16 +8,14 @@ data "grafana_data_source" "this" { } resource "grafana_data_source" "this" { - for_each = var.athena_config - type = "athena" - name = "${local.name}-${each.key}" + name = "${var.athena_workgroup}-${var.athena_database}" json_data_encoded = jsonencode({ defaultRegion = "eu-west-2" authType = "ec2_iam_role" assumeRoleArn = "arn:aws:iam::${var.account_id}:role/observability-platform" externalId = var.name - database = each.value.database - workgroup = each.value.workgroup + database = var.athena_database + workgroup = var.athena_workgroup }) } diff --git a/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf b/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf index 91e71b0663f..1fd8f3f8bc1 100644 --- a/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf +++ b/terraform/environments/observability-platform/modules/grafana/athena-source/variables.tf @@ -11,9 +11,10 @@ variable "athena_enabled" { default = false } -variable "athena_config" { - type = map(object({ - database = string - workgroup = string - })) +variable "athena_workgroup" { + type = string +} + +variable "athena_database" { + type = string } diff --git a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf index 27c803389d0..b09155ebf1b 100644 --- a/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf +++ b/terraform/environments/observability-platform/modules/observability-platform/tenant-configuration/main.tf @@ -56,9 +56,10 @@ module "athena_source" { source = "../../grafana/athena-source" - name = each.key - account_id = each.value.account_id - athena_config = try(each, {}) + name = each.key + account_id = each.value.account_id + athena_workgroup = each.value.workgroup + athena_database = each.value.database } module "prometheus_push" { From 25e0411cd69b006952539f1184e5a149b06e8f32 Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Tue, 22 Oct 2024 08:09:46 +0000 Subject: [PATCH 21/23] :wrench: Remove test config --- .../observability-platform/environment-configurations.tf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/terraform/environments/observability-platform/environment-configurations.tf b/terraform/environments/observability-platform/environment-configurations.tf index ebe069be956..011bd6105bc 100644 --- a/terraform/environments/observability-platform/environment-configurations.tf +++ b/terraform/environments/observability-platform/environment-configurations.tf @@ -182,10 +182,6 @@ locals { mod-platform-cur-reports = { database = "data" workgroup = "mod-platform-cur-reports" - }, - gary-test = { - database = "test-database" - workgroup = "test-workgroup" } } }, From e582e05fae9ccf109f4a77d107537c947f03350b Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Tue, 22 Oct 2024 08:18:01 +0000 Subject: [PATCH 22/23] one more time with feeling --- .../observability-platform/environment-configurations.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/terraform/environments/observability-platform/environment-configurations.tf b/terraform/environments/observability-platform/environment-configurations.tf index 011bd6105bc..ebe069be956 100644 --- a/terraform/environments/observability-platform/environment-configurations.tf +++ b/terraform/environments/observability-platform/environment-configurations.tf @@ -182,6 +182,10 @@ locals { mod-platform-cur-reports = { database = "data" workgroup = "mod-platform-cur-reports" + }, + gary-test = { + database = "test-database" + workgroup = "test-workgroup" } } }, From e747bc67477016e388c0b40dac2373287a20410e Mon Sep 17 00:00:00 2001 From: Gary H <26419401+Gary-H9@users.noreply.github.com> Date: Tue, 22 Oct 2024 08:20:40 +0000 Subject: [PATCH 23/23] Panic over --- .../observability-platform/environment-configurations.tf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/terraform/environments/observability-platform/environment-configurations.tf b/terraform/environments/observability-platform/environment-configurations.tf index ebe069be956..011bd6105bc 100644 --- a/terraform/environments/observability-platform/environment-configurations.tf +++ b/terraform/environments/observability-platform/environment-configurations.tf @@ -182,10 +182,6 @@ locals { mod-platform-cur-reports = { database = "data" workgroup = "mod-platform-cur-reports" - }, - gary-test = { - database = "test-database" - workgroup = "test-workgroup" } } },