Skip to content

Commit

Permalink
Merge pull request #165 from sandipnahak/master
Browse files Browse the repository at this point in the history 
ISSUE-163 adding default tags and resource tags
  • Loading branch information
@stationeros
stationeros committed Oct 31, 2023
2 parents 31b7213 + 3924a1e commit f784d90
Show file tree
Hide file tree
Showing 3 changed files with 88 additions and 1 deletion.
19 changes: 19 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,25 @@ The following are the parameters for creating the cloudformation template:

[![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/colored.png)](#instructions)

## Tagging
This section describes the currently supported set of tags and how to take advantage of them in support of common use cases around billing insight generation.

Tags provide additional means of grouping and subdividing costs, whether for the purposes of analysis or cost distribution. Explanations for how tags can be applied to resources inside AWS is provided here. To facilitate a consistent approach to handling known and foreseen use cases, the following tags has been added at stack level and as well as at resource levels.

<b>AppName</b> - Name of the application, default Trapheus <br>
<b>AppComponent</b> - Name of the component, since this application targeted for DB restore, default component database <br>
<b>AppFunction</b> - Application function name, default RestoreDB <br>

If you would like to change above defaults, change it in `samconfig.toml`

Every resource has tags as well, which override the default tag.

For example:

Tags:
AppComponent: "Lambda"
AppFunction: "RenameDBInstance"

## Instructions

### Setup
Expand Down
5 changes: 5 additions & 0 deletions samconfig.toml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
version = 0.1

[default.deploy.parameters]
capabilities = "CAPABILITY_IAM"
tags = "AppName=\"Trapheus\" AppComponent=\"database\" AppFunction=\"RestoreDB\""
65 changes: 64 additions & 1 deletion template.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,8 @@ Resources:
- arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
- arn:aws:iam::aws:policy/AWSStepFunctionsReadOnlyAccess
- arn:aws:iam::aws:policy/AWSLambdaExecute
Tags:
AppComponent: "iamrole"

RecordSet:
Condition: ConfigureRoute53
Expand Down Expand Up @@ -134,6 +136,8 @@ Resources:
Action:
- "lambda:InvokeFunction"
Resource: "*"
Tags:
AppComponent: "iamrole"

CWEventStatesExecutionRole:
Type: "AWS::IAM::Role"
Expand All @@ -155,6 +159,8 @@ Resources:
Action:
- "states:StartExecution"
Resource: !GetAtt DBRestoreStateMachine.Arn
Tags:
AppComponent: "iamrole"

LambdaSecurityGroup:
Type: AWS::EC2::SecurityGroup
Expand All @@ -178,6 +184,8 @@ Resources:
- python3.7
- python3.6
LicenseInfo: 'MIT'
Tags:
AppComponent: "SecurityGroup"

RenameLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -200,6 +208,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "RenameDBInstance"

DbInstanceStatusLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -222,6 +233,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "DBInstanceStatus"

DBRestoreLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -244,6 +258,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "DBInstanceRestore"

DeleteInstanceLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -266,6 +283,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "DeleteDBInstance"

DBSnapshotLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -288,6 +308,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "DBSnapshot"

EmailAlertLambdaFunction:
Type: AWS::Serverless::Function
Expand Down Expand Up @@ -316,6 +339,9 @@ Resources:
Fn::Sub: ${SenderEmail}
RecipientEmail:
Fn::Sub: ${RecipientEmail}
Tags:
AppComponent: "Lambda"
AppFunction: "EmailAlerting"

SlackAlertLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -342,6 +368,9 @@ Resources:
Variables:
SLACK_WEBHOOK:
Fn::Sub: ${SlackWebhookUrls}
Tags:
AppComponent: "Lambda"
AppFunction: "SlackAlerting"

ClusterRenameLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -364,6 +393,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "DBClusterRename"

ClusterRestoreLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -386,6 +418,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "DBClusterRestore"

ClusterStatusLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -408,6 +443,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "DBClusterStatus"

ClusterDeleteLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -430,6 +468,9 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]
Tags:
AppComponent: "Lambda"
AppFunction: "DBClusterDelete"

ClusterSnapshotLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -452,7 +493,10 @@ Resources:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ] ,
SubnetIds: !Split [ "," , !Ref Subnets ]
} , !Ref "AWS::NoValue" ]

Tags:
AppComponent: "Lambda"
AppFunction: "DBClusterSnapshot"

SnapshotExportKmsKey:
Type: AWS::KMS::Key
Properties:
Expand Down Expand Up @@ -487,11 +531,17 @@ Resources:
- kms:TagResource
- kms:UntagResource
Resource: '*'
Tags:
AppComponent: "CMK"
AppFunction: "export-snapshot-to-s3"

SnapshotsBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub 'rds-snapshots-${AWS::AccountId}'
Tags:
AppComponent: "S3"
AppFunction: "rds-snapshots"

SnapshotExportLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -516,6 +566,9 @@ Resources:
VpcConfig:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ]
SubnetIds: !Split [ "," , !Ref Subnets ]
Tags:
AppComponent: "Lambda"
AppFunction: "DBExportSnapshots"

ClusterSnapshotExportLambdaFunction:
Type: AWS::Serverless::Function
Expand All @@ -540,6 +593,9 @@ Resources:
VpcConfig:
SecurityGroupIds: !Split [ "," , !GetAtt LambdaSecurityGroup.GroupId ]
SubnetIds: !Split [ "," , !Ref Subnets ]
Tags:
AppComponent: "Lambda"
AppFunction: "ClusterExportSnapshots"

DBRestoreStateMachine:
Type: AWS::StepFunctions::StateMachine
Expand Down Expand Up @@ -1242,6 +1298,9 @@ Resources:
SlackAlertLambdaArn: !GetAtt SlackAlertLambdaFunction.Arn
}
RoleArn: !GetAtt StatesExecutionRole.Arn
Tags:
AppComponent: "Lambda"
AppFunction: "ClusterExportSnapshots"

DBRestoreStateMachineEventRule:
Type: AWS::Events::Rule
Expand All @@ -1267,3 +1326,7 @@ Resources:
"task": "create_snapshot",
"isCluster": true
}'
Tags:
AppComponent: "CW-Rule"
AppFunction: "DBRestoreRule"

0 comments on commit f784d90

Please sign in to comment.