Skip to content

Commit fddbff8

Browse files
SohamMajumderSohamMajumder
committed
Merge remote-tracking branch 'refs/remotes/origin/main'
Includes a (new) Reference Module and updates to the testing sections for the new module
2 parents ac4b1a4 + dae93b8 commit fddbff8

34 files changed

+1403
-386
lines changed

data-collection/deploy/account-collector.yaml

Lines changed: 20 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -128,7 +128,9 @@ Resources:
128128
ZipFile: |
129129
import os
130130
import json
131+
import uuid
131132
import logging
133+
from datetime import datetime
132134
from functools import partial
133135
134136
import boto3
@@ -141,6 +143,9 @@ Resources:
141143
EXCLUDED_ACCOUNT_LIST_KEY = os.environ.get('EXCLUDED_ACCOUNT_LIST_KEY')
142144
EUC_ACCOUNTS = os.environ.get('EUC_ACCOUNT_IDS', '').strip()
143145
TMP_FILE = "/tmp/data.json"
146+
START_TIME = str(datetime.now().isoformat())
147+
LINKED_ACCOUNT_LIST_KEY = os.environ.get('LINKED_ACCOUNT_LIST_KEY', 'linked-account-list.json')
148+
PAYER_ACCOUNT_LIST_KEY = os.environ.get('PAYER_ACCOUNT_LIST_KEY', 'payer-account-list.json')
144149
145150
logger = logging.getLogger(__name__)
146151
logger.setLevel(getattr(logging, os.environ.get('LOG_LEVEL', 'INFO').upper(), logging.INFO))
@@ -156,6 +161,8 @@ Resources:
156161
logger.error(message)
157162
raise Exception(message) #pylint: disable=broad-exception-raised
158163
164+
module = event.get("module", '').lower()
165+
params = event.get("params", '')
159166
functions = { # keep keys same as boto3 services
160167
'linked': iterate_linked_accounts,
161168
'euc': partial(iterate_accounts_with_filter, EUC_ACCOUNTS),
@@ -164,7 +171,7 @@ Resources:
164171
'compute-optimizer': partial(iterate_admins_accounts, 'compute-optimizer'),
165172
'backup': partial(iterate_admins_accounts, 'backup'),
166173
}
167-
account_type = event.get("Type", '').lower()
174+
account_type = event.get("type", '').lower()
168175
if account_type not in functions:
169176
raise Exception(f"Lambda event must have 'Type' parameter with value = ({list(functions.keys())})") #pylint: disable=broad-exception-raised
170177
@@ -173,6 +180,14 @@ Resources:
173180
count = 0
174181
f.write("[\n")
175182
for account in account_iterator():
183+
account['main_exe_uuid'] = event.get("main_exe_uuid", str(uuid.uuid4()))
184+
account['module'] = module
185+
account['bucket'] = BUCKET
186+
account['dc_account'] = boto3.client('sts').get_caller_identity()['Account']
187+
account['dc_region'] = boto3.session.Session().region_name
188+
account['params'] = params
189+
account['prefix'] = RESOURCE_PREFIX
190+
account['stack_version'] = event.get("stack_version", '')
176191
if count > 0:
177192
f.write(",\n")
178193
f.write(json.dumps(account))
@@ -183,6 +198,7 @@ Resources:
183198
raise Exception('No accounts found. Check the log.') #pylint: disable=broad-exception-raised
184199
185200
key = f"account-list/{account_type}-account-list.json"
201+
key = f"account-collector/{module+'-'+(params+'-' if params else '')+(LINKED_ACCOUNT_LIST_KEY if account_type == 'linked' else PAYER_ACCOUNT_LIST_KEY)}"
186202
s3 = boto3.client('s3')
187203
s3.upload_file(TMP_FILE, Bucket=BUCKET, Key=key)
188204
@@ -285,6 +301,7 @@ Resources:
285301
aws_secret_access_key=credentials['SecretAccessKey'],
286302
aws_session_token=credentials['SessionToken'],
287303
)
304+
288305
Handler: 'index.lambda_handler'
289306
MemorySize: 2688
290307
Timeout: 600
@@ -298,6 +315,7 @@ Resources:
298315
PREDEF_ACCOUNT_LIST_KEY: "account-list/account-list"
299316
EXCLUDED_ACCOUNT_LIST_KEY: "account-list/excluded-linked-account-list.csv"
300317
EUC_ACCOUNT_IDS: !Ref EUCAccountIDs
318+
301319
Metadata:
302320
cfn_nag:
303321
rules_to_suppress:
@@ -310,4 +328,4 @@ Resources:
310328
Type: AWS::Logs::LogGroup
311329
Properties:
312330
LogGroupName: !Sub "/aws/lambda/${LambdaFunction}"
313-
RetentionInDays: 60
331+
RetentionInDays: 60

data-collection/deploy/deploy-data-collection.yaml

Lines changed: 135 additions & 89 deletions
Large diffs are not rendered by default.

data-collection/deploy/deploy-data-read-permissions.yaml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1-
# https://github.com/awslabs/cid-data-collection-framework/blob/main/data-collection/v3.10.0/deploy/deploy-data-read-permissions.yaml
1+
# https://github.com/awslabs/cid-data-collection-framework/blob/main/data-collection/v3.11.0/deploy/deploy-data-read-permissions.yaml
22
AWSTemplateFormatVersion: '2010-09-09'
3-
Description: CID Data Collection - All-in-One for Management Account v3.10.0 - AWS Solution SO9011
3+
Description: CID Data Collection - All-in-One for Management Account v3.11.0 - AWS Solution SO9011
44
Metadata:
55
AWS::CloudFormation::Interface:
66
ParameterGroups:
@@ -190,7 +190,7 @@ Resources:
190190
DataCollectorMgmtAccountReadStack:
191191
Type: AWS::CloudFormation::Stack
192192
Properties:
193-
TemplateURL: !Sub "https://${CFNSourceBucket}.s3.${AWS::URLSuffix}/cfn/data-collection/v3.10.0/deploy-in-management-account.yaml"
193+
TemplateURL: !Sub "https://${CFNSourceBucket}.s3.${AWS::URLSuffix}/cfn/data-collection/v3.11.0/deploy-in-management-account.yaml"
194194
Parameters:
195195
DataCollectionAccountID: !Ref DataCollectionAccountID
196196
ManagementAccountRole: !Ref ManagementAccountRole
@@ -206,7 +206,7 @@ Resources:
206206
Type: AWS::CloudFormation::Stack
207207
Condition: DeployModuleReadInMgmt
208208
Properties:
209-
TemplateURL: !Sub "https://${CFNSourceBucket}.s3.${AWS::URLSuffix}/cfn/data-collection/v3.10.0/deploy-in-linked-account.yaml"
209+
TemplateURL: !Sub "https://${CFNSourceBucket}.s3.${AWS::URLSuffix}/cfn/data-collection/v3.11.0/deploy-in-linked-account.yaml"
210210
Parameters:
211211
DataCollectionAccountID: !Ref DataCollectionAccountID
212212
MultiAccountRoleName: !Ref MultiAccountRoleName
@@ -223,7 +223,7 @@ Resources:
223223
DataCollectorOrgAccountModulesReadStackSet:
224224
Type: AWS::CloudFormation::StackSet
225225
Properties:
226-
Description: "StackSet in charge of deploying read roles across organization accounts v3.10.0"
226+
Description: "StackSet in charge of deploying read roles across organization accounts v3.11.0"
227227
PermissionModel: SERVICE_MANAGED
228228
AutoDeployment:
229229
Enabled: true
@@ -268,4 +268,4 @@ Resources:
268268
- CAPABILITY_IAM
269269
- CAPABILITY_NAMED_IAM
270270
StackSetName: !Sub "StackSet-${AWS::AccountId}-OptimizationDataRole"
271-
TemplateURL: !Sub "https://${CFNSourceBucket}.s3.${AWS::URLSuffix}/cfn/data-collection/v3.10.0/deploy-in-linked-account.yaml"
271+
TemplateURL: !Sub "https://${CFNSourceBucket}.s3.${AWS::URLSuffix}/cfn/data-collection/v3.11.0/deploy-in-linked-account.yaml"

data-collection/deploy/deploy-in-linked-account.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
AWSTemplateFormatVersion: '2010-09-09'
2-
Description: CID Data Collection - Role for Linked Account v3.10.0
2+
Description: CID Data Collection - Role for Linked Account v3.11.0
33
Metadata:
44
AWS::CloudFormation::Interface:
55
ParameterGroups:

data-collection/deploy/deploy-in-management-account.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
AWSTemplateFormatVersion: '2010-09-09'
2-
Description: CID Data Collection - Role for Management Account v3.10.0
2+
Description: CID Data Collection - Role for Management Account v3.11.0
33
Metadata:
44
AWS::CloudFormation::Interface:
55
ParameterGroups:

data-collection/deploy/module-aws-feeds.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -932,4 +932,4 @@ Resources:
932932
Type: Custom::LambdaAnalyticsExecutor
933933
Properties:
934934
ServiceToken: !Ref LambdaAnalyticsARN
935-
Name: !Ref CFDataName
935+
Name: !Ref CFDataName

data-collection/deploy/module-backup.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -320,6 +320,7 @@ Resources:
320320
DeployRegion: !Ref AWS::Region
321321
Account: !Ref AWS::AccountId
322322
Prefix: !Ref ResourcePrefix
323+
Bucket: !Ref DestinationBucket
323324
'RefreshSchedule${AwsObject}':
324325
Type: AWS::Scheduler::Schedule
325326
Properties:
@@ -338,4 +339,4 @@ Resources:
338339
Type: Custom::LambdaAnalyticsExecutor
339340
Properties:
340341
ServiceToken: !Ref LambdaAnalyticsARN
341-
Name: !Ref CFDataName
342+
Name: !Ref CFDataName

data-collection/deploy/module-budgets.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -290,6 +290,7 @@ Resources:
290290
DeployRegion: !Ref AWS::Region
291291
Account: !Ref AWS::AccountId
292292
Prefix: !Ref ResourcePrefix
293+
Bucket: !Ref DestinationBucket
293294

294295
ModuleRefreshSchedule:
295296
Type: 'AWS::Scheduler::Schedule'

data-collection/deploy/module-compute-optimizer.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -501,6 +501,7 @@ Resources:
501501
DeployRegion: !Ref AWS::Region
502502
Account: !Ref AWS::AccountId
503503
Prefix: !Ref ResourcePrefix
504+
Bucket: !Ref DestinationBucket
504505

505506
ModuleRefreshSchedule:
506507
Type: 'AWS::Scheduler::Schedule'

data-collection/deploy/module-cost-anomaly.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -425,6 +425,7 @@ Resources:
425425
DeployRegion: !Ref AWS::Region
426426
Account: !Ref AWS::AccountId
427427
Prefix: !Ref ResourcePrefix
428+
Bucket: !Ref DestinationBucket
428429

429430
ModuleRefreshSchedule:
430431
Type: "AWS::Scheduler::Schedule"

0 commit comments

Comments
 (0)