Skip to main content
Sponsor @cloudposse

Module: managed-grafana

This module is responsible for provisioning an Amazon Managed Grafana workspace.

Introduction

Amazon Managed Grafana is a fully managed service for Grafana, a popular open-source analytics platform that enables you to query, visualize, and alert on your metrics, logs, and traces.

Deploy this module alongside terraform-aws-managed-prometheus to visual metrics or add a Grafana Loki data source to visualize logs.

Usage

For a complete example, see examples/complete.

For automated tests of the complete example using bats and Terratest (which tests and deploys the example on AWS), see test.

locals {
  enabled = module.this.enabled

  # These are pulled from the output of the cloudposse/terraform-aws-managed-prometheus module
  additional_allowed_roles = compact([for prometheus in module.prometheus : prometheus.outputs.access_role_arn])
}

module "security_group" {
  source  = "cloudposse/security-group/aws"
  version = "2.2.0"

  enabled = local.enabled && var.private_network_access_enabled

  allow_all_egress = true
  rules            = []
  vpc_id           = module.vpc.outputs.vpc_id

  context = module.this.context
}

module "managed_grafana" {
  source  = "cloudposse/managed-grafana/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"

  enabled = local.enabled

  prometheus_policy_enabled = var.prometheus_policy_enabled
  additional_allowed_roles  = local.additional_allowed_roles

  sso_role_associations = [
    {
      "role" = "ADMIN"
      "group_ids" = ["xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"]
    }
  ]

  vpc_configuration = var.private_network_access_enabled ? {
    subnet_ids         = module.vpc.outputs.private_subnet_ids
    security_group_ids = [module.security_group.id]
  } : {}

  context = module.this.context
}

Examples

Here is an example of using this module: