This PR adds Multi Account Mixed Observability Observability Accelerator pattern.
Change log
Monitoring Environment now has an EKS cluster built using ObservabilityBuilder with Grafana Operator and External Secrets using GrafanaOperatorConstruct. Uses ArgoCDAddOn for GitOps.
Identity, datasources, dashboards for Grafana Operator are from https://github.com/iamprakkie/aws-observability-accelerator.git. Final change will be updated to aws-observability/aws-observability-accelerator. Grafana Dashboard URLs taken from cdk.json.
Documentation covers all steps required to deploy the pattern.
Trust entities for AMP role and CW role now uses WorkspaceIamRole as principal.
github-token and github-ssh-key are stored in AWS SecretsManager in pipeline and monitoring account. Rest all are moved to SSM Securestring parameter.
gitOwner will be picked up from SSM parameter /cdk-accelerator/pipeline-git-info.
Clean up script takes care of deleting stack resources and stack which are not covered with pattern destroy option.
Can be used for multi-account with multiple-regions too.
Work in progress
Architecture diagram.
sample-apps and grafana-operator-app git URLs to point out to aws-observability/aws-observability-accelerator.
This PR adds Multi Account Mixed Observability Observability Accelerator pattern.
Change log
Monitoring Environment now has an EKS cluster built using
ObservabilityBuilder
with Grafana Operator and External Secrets usingGrafanaOperatorConstruct
. Uses ArgoCDAddOn for GitOps.Sample apps for prod accounts will be taken from https://github.com/iamprakkie/aws-observability-accelerator.git instead of https://github.com/aws-samples/eks-blueprints-workloads.git. Final change will be updated to aws-observability/aws-observability-accelerator.
Identity, datasources, dashboards for Grafana Operator are from https://github.com/iamprakkie/aws-observability-accelerator.git. Final change will be updated to aws-observability/aws-observability-accelerator. Grafana Dashboard URLs taken from cdk.json.
Documentation covers all steps required to deploy the pattern.
Trust entities for AMP role and CW role now uses WorkspaceIamRole as principal.
github-token
andgithub-ssh-key
are stored in AWS SecretsManager inpipeline
andmonitoring
account. Rest all are moved to SSM Securestring parameter.gitOwner will be picked up from SSM parameter
/cdk-accelerator/pipeline-git-info
.Clean up script takes care of deleting stack resources and stack which are not covered with pattern destroy option.
Can be used for multi-account with multiple-regions too.
Work in progress
Architecture diagram.
sample-apps and grafana-operator-app git URLs to point out to
aws-observability/aws-observability-accelerator
.