telemetry: add project account id and region #8079

kzr-at-amazon · 2025-09-19T17:38:37Z

Problem

The project account id and region was missing from data connection and space action telemetry.

Solution

The project account id and region are added to data connection and space action telemetry.

Telemetry for a cross-account example:

2025-09-23 15:42:29.674 [debug] telemetry: smus_login {
  Metadata: {
    metricId: 'fdbf85ac-a093-4ab9-ac47-add57a5901cc',
    traceId: '7ee3db34-3f9b-41b7-aa16-824290fa0719',
    parentId: '5c66c1e2-09ba-4308-8e28-a47bfc4acdda',
    smusDomainId: 'dzd_64o7tjjv1cm9gp',
    awsRegion: 'us-east-2',
    smusDomainAccountId: '730335272067',
    duration: '24121',
    result: 'Succeeded',
    awsAccount: 'not-set'
  },
  Value: 1,
  Unit: 'None',
  Passive: false
}

2025-09-23 15:42:32.466 [debug] telemetry: smus_accessProject {
  Metadata: {
    metricId: 'cc75867d-cb7c-4392-b7d7-cda1f7ba627c',
    traceId: '7ee3db34-3f9b-41b7-aa16-824290fa0719',
    parentId: 'da7fad30-0aee-4f31-8962-00ef50b408b8',
    smusDomainId: 'dzd_64o7tjjv1cm9gp',
    smusProjectId: 'cxtwtxb6e3ly95',
    smusDomainRegion: 'us-east-2',
    smusDomainAccountId: '730335272067',
    duration: '3994',
    result: 'Succeeded',
    awsAccount: 'not-set',
    awsRegion: 'us-east-1'
  },
  Value: 1,
  Unit: 'None',
  Passive: false
}

2025-09-23 15:42:43.475 [debug] telemetry: smus_renderLakehouseNode {
  Metadata: {
    metricId: 'dc09a62e-9f18-45c5-bd8b-c113c6a8c5c9',
    traceId: '58ea5647-a29a-45dc-9e6c-fb4175a34a6d',
    smusToolkitEnv: 'local',
    smusDomainId: 'dzd_64o7tjjv1cm9gp',
    smusDomainAccountId: '730335272067',
    smusProjectId: 'cxtwtxb6e3ly95',
    smusConnectionId: '4r6iscfi0rih0p',
    smusConnectionType: 'LAKEHOUSE',
    smusProjectRegion: 'us-east-1',
    smusProjectAccountId: '976193268201',
    duration: '965',
    result: 'Succeeded',
    awsAccount: 'not-set',
    awsRegion: 'us-east-1'
  },
  Value: 1,
  Unit: 'None',
  Passive: false
}


2025-09-23 15:42:46.623 [debug] telemetry: smus_renderS3Node {
  Metadata: {
    metricId: 'be029b31-6111-48f1-8e66-99121dd48484',
    traceId: 'a3698692-e948-4ec4-881a-17a0443e109d',
    smusToolkitEnv: 'local',
    smusDomainId: 'dzd_64o7tjjv1cm9gp',
    smusDomainAccountId: '730335272067',
    smusProjectId: 'cxtwtxb6e3ly95',
    smusConnectionId: '6gy7b7go2jd50p',
    smusConnectionType: 'S3',
    smusProjectRegion: 'us-east-1',
    smusProjectAccountId: '976193268201',
    duration: '1',
    result: 'Succeeded',
    awsAccount: 'not-set',
    awsRegion: 'us-east-1'
  },
  Value: 1,
  Unit: 'None',
  Passive: false
}

2025-09-23 15:43:04.774 [debug] telemetry: smus_openRemoteConnection {
  Metadata: {
    metricId: '7f2c4573-b681-4e81-bc34-84509aac1f46',
    traceId: 'fc5d6674-7042-4634-b7aa-1098aee2b540',
    smusSpaceKey: 'd-uyehbqjlnjl0__ce',
    smusDomainRegion: 'us-east-1',
    smusDomainId: 'dzd_64o7tjjv1cm9gp',
    smusDomainAccountId: '730335272067',
    smusProjectId: 'cxtwtxb6e3ly95',
    smusProjectAccountId: '976193268201',
    smusProjectRegion: 'us-east-1',
    duration: '6969',
    result: 'Succeeded',
    awsAccount: 'not-set',
    awsRegion: 'us-east-1'
  },
  Value: 1,
  Unit: 'None',
  Passive: false
}

Treat all work as PUBLIC. Private feature/x branches will not be squash-merged at release time.
Your code changes must meet the guidelines in CONTRIBUTING.md.
License: I confirm that my contribution is made under the terms of the Apache 2.0 license.

amazon-inspector-ohio · 2025-09-19T17:38:41Z

⏳ I'm reviewing this pull request for security vulnerabilities and code quality issues. I'll provide an update when I'm done

amazon-inspector-ohio · 2025-09-19T17:39:12Z

✅ I finished the code review, and didn't find any security or code quality issues.

Normicrypto · 2025-09-22T15:40:46Z

No issues

liuzulin

The test detail in PR description seems indicating we only tested when domain account id === project account id. Can you test with an actual x region x account set up. I can send you the project info

liuzulin · 2025-09-23T20:01:42Z

packages/core/src/sagemakerunifiedstudio/auth/providers/smusAuthenticationProvider.ts

+     * @returns Promise resolving to the account ID
+     * @throws ToolkitError if unable to extract account ID
+     */
+    private async extractAccountIdFromResourceMetadata(): Promise<string> {


This should be moved to util file. for example smusUtils.ts

it is moved to the util file.

liuzulin · 2025-09-23T20:04:24Z

packages/core/src/sagemakerunifiedstudio/auth/providers/smusAuthenticationProvider.ts

+            return this.cachedProjectAccountIds.get(projectId)!
+        }
+
+        // If in SMUS space environment, extract account ID from resource-metadata file


I thought the one in resource-metadata is always domain account id? can you confirm?

The resourceArn in resource-metadata.json gives the project id.

liuzulin · 2025-09-23T20:05:08Z

packages/core/src/sagemakerunifiedstudio/auth/providers/smusAuthenticationProvider.ts

+            logger.debug('Fetching project account ID via STS GetCallerIdentity with project credentials')
+
+            // Get project credentials
+            const projectCredProvider = await this.getProjectCredentialProvider(projectId)


Can me move this as a util function as well

We may leave it there because, first the logic is not used in other places, second it follows getDomainAccountId theme.

liuzulin · 2025-09-23T20:07:53Z

packages/core/src/sagemakerunifiedstudio/shared/telemetry.ts

+        let projectRegion: string | undefined
+
+        if (projectId) {
+            projectAccountId = await authProvider.getProjectAccountId(projectId)


Just want to confirm, this method is only used by retrieving project account id for right?

kzr-at-amazon requested a review from a team as a code owner September 19, 2025 17:38

kzr-at-amazon force-pushed the master branch 2 times, most recently from 8c03419 to d427165 Compare September 19, 2025 18:02

Normicrypto approved these changes Sep 22, 2025

View reviewed changes

liuzulin reviewed Sep 23, 2025

View reviewed changes

Normicrypto approved these changes Sep 23, 2025

View reviewed changes

kzr-at-amazon force-pushed the master branch from 2506e00 to 30e58e8 Compare September 23, 2025 23:52

telemetry: add project account id and region

7bb0309

kzr-at-amazon force-pushed the master branch from 30e58e8 to 7bb0309 Compare September 24, 2025 00:19

liuzulin approved these changes Sep 24, 2025

View reviewed changes

laileni-aws approved these changes Sep 24, 2025

View reviewed changes

Merge branch 'master' into master

d93cf4d

ashishrp-aws approved these changes Sep 24, 2025

View reviewed changes

ashishrp-aws merged commit f297d64 into aws:master Sep 24, 2025
21 of 22 checks passed

telemetry: add project account id and region #8079

telemetry: add project account id and region #8079

Uh oh!

Conversation

kzr-at-amazon commented Sep 19, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Problem

Solution

Uh oh!

amazon-inspector-ohio bot commented Sep 19, 2025

Uh oh!

amazon-inspector-ohio bot commented Sep 19, 2025

Uh oh!

Normicrypto commented Sep 22, 2025

Uh oh!

liuzulin left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

kzr-at-amazon commented Sep 19, 2025 •

edited

Loading