|
| 1 | +# AWS Managed Grafana Terraform Module |
| 2 | + |
| 3 | +## Overview |
| 4 | +This Terraform module provisions an AWS Managed Grafana workspace, configures authentication and access, and sets up API keys for different roles. |
| 5 | + |
| 6 | +## Features |
| 7 | +- Creates an AWS Managed Grafana workspace |
| 8 | +- Configures authentication via AWS SSO |
| 9 | +- Defines API keys for different user roles (Viewer, Editor, Admin) |
| 10 | +- Supports multiple data sources (e.g., CloudWatch, Prometheus, etc.) |
| 11 | + |
| 12 | +## Usage |
| 13 | +```hcl |
| 14 | +module "managed_grafana" { |
| 15 | + source = "terraform-aws-modules/managed-service-grafana/aws" |
| 16 | +
|
| 17 | + name = "${var.environment_name}-grafana" |
| 18 | + description = "AWS Managed Grafana service ${var.environment_name} environment." |
| 19 | + account_access_type = "CURRENT_ACCOUNT" |
| 20 | + authentication_providers = ["AWS_SSO"] |
| 21 | + permission_type = "SERVICE_MANAGED" |
| 22 | + data_sources = var.data_sources |
| 23 | + notification_destinations = ["SNS"] |
| 24 | +
|
| 25 | + workspace_api_keys = { |
| 26 | + viewer = { |
| 27 | + key_name = "viewer" |
| 28 | + key_role = "VIEWER" |
| 29 | + seconds_to_live = 3600 |
| 30 | + } |
| 31 | + editor = { |
| 32 | + key_name = "editor" |
| 33 | + key_role = "EDITOR" |
| 34 | + seconds_to_live = 3600 |
| 35 | + } |
| 36 | + admin = { |
| 37 | + key_name = "admin" |
| 38 | + key_role = "ADMIN" |
| 39 | + seconds_to_live = 3600 |
| 40 | + } |
| 41 | + } |
| 42 | +
|
| 43 | + tags = { |
| 44 | + Terraform = "true" |
| 45 | + Environment = var.environment_name |
| 46 | + } |
| 47 | +} |
| 48 | +``` |
| 49 | + |
| 50 | +## Inputs |
| 51 | + |
| 52 | +| Variable | Description | Type | Default | |
| 53 | +|----------|-------------|------|---------| |
| 54 | +| `environment_name` | The name of the environment, used as a prefix for Grafana resource names | `string` | n/a | |
| 55 | +| `data_sources` | List of data sources for Grafana (e.g., `CLOUDWATCH`, `PROMETHEUS`) | `list(string)` | `["CLOUDWATCH"]` | |
| 56 | + |
| 57 | +## Outputs |
| 58 | + |
| 59 | +| Output | Description | |
| 60 | +|--------|-------------| |
| 61 | +| `grafana_workspace_id` | The ID of the created AWS Managed Grafana workspace | |
| 62 | +| `grafana_workspace_url` | The URL of the AWS Managed Grafana workspace | |
| 63 | + |
| 64 | +## Security |
| 65 | +- Uses AWS SSO for authentication. |
| 66 | +- API keys are generated for different roles (Viewer, Editor, Admin) with restricted permissions. |
| 67 | + |
| 68 | +## License |
| 69 | +This module is licensed under the MIT License. |
| 70 | + |
| 71 | +--- |
| 72 | + |
| 73 | +## 🤝 Contributing |
| 74 | +Contributions are welcome! |
| 75 | +Fork the repository and submit a pull request with bug fixes, improvements, or new features. |
| 76 | + |
| 77 | +For more details, reach out to the repository owner. |
| 78 | +Visit [Senora.dev](https://Senora.dev)💜 for more platform-related services. |
0 commit comments