Name	Name	Last commit message	Last commit date
parent directory ..
bin	bin
lib	lib
resources	resources
src/eksInventory	src/eksInventory
statemachine	statemachine
test	test
.gitignore	.gitignore
.npmignore	.npmignore
README.md	README.md
cdk.json	cdk.json
example-workflow.json	example-workflow.json
jest.config.js	jest.config.js
package.json	package.json
tsconfig.json	tsconfig.json

Name

Last commit message

Last commit date

lib

example-workflow.json

jest.config.js

package.json

tsconfig.json

sfnEksInventory

This workflow demonstrates the Distributed Map to inventorize EKS clusters across an AWS Organization. It gathers ARN's and Version Numbers to build up the inventory.

Requirements

Create an AWS account if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources.
AWS CLI installed and configured
Git Installed
AWS Serverless Application Model (AWS SAM) installed

Deployment Instructions

Create a new directory, navigate to that directory in a terminal and clone the GitHub repository:
```
git clone https://github.com/aws-samples/step-functions-workflows-collection
```
Change directory to the pattern directory:
```
cd sfn-eks-inventory
```
From the command line, use AWS CDK to deploy the AWS resources for the workflow:
```
npx cdk deploy
```

How it works

The example requires pre-existing Cross Account roles in Linked Accounts to allow querying which are out of scope for this example. The roles require ec2:DescribeRegions, eks:ListClusters and eks:DescribeCluster permissions. This role is hard configured to "arn:aws:iam::{account_id}:role/OrgInventoryReader" which can be modified in the python function.

The step function can be initiated by any input or schedule. Once started it will execute organizations:ListAccounts to create an inventory of accounts.

Distributed Map then processes account by invoking a Python Lambda Function that lists all enabled ec2 regions, lists clusters in each region and then retrieves its name, arn, platform version and version.

Once the inventory is collected it is written out to s3 with the distributed map ResultWriter.

The workflow has loose concurrency control, it is pre-configured with MaxConcurrency 10.

This integration pattern can be reused with other services and tasks with Step Functions.

Image

Provide an exported .png of the workflow in the /resources directory from Workflow stuio and add here.

Notes:

When implementing this workflow in production take care that you change the CDK S3 removalPolicy to your desired settings by removing the below blocks.

removalPolicy: cdk.RemovalPolicy.DESTROY,
autoDeleteObjects: true,

The 'Wait for Textract Callback Token' state implements a 1800 second timeout for processing of Documents

Cleanup

From the pattern directory, run

Delete the stack
```
npx cdk destroy
```

SPDX-License-Identifier: MIT-0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Files

sfn-eks-inventory

sfn-eks-inventory

README.md

sfnEksInventory

Requirements

Deployment Instructions

How it works

Image

Cleanup

Files

sfn-eks-inventory

Directory actions

More options

Directory actions

More options

Latest commit

History

sfn-eks-inventory

Folders and files

parent directory

README.md

sfnEksInventory

Requirements

Deployment Instructions

How it works

Image

Cleanup