diff --git a/_sub/monitoring/datadog-agent-kubernetes/dependencies.tf b/_sub/monitoring/datadog-agent-kubernetes/dependencies.tf
deleted file mode 100644
index b9aee5a1a..000000000
--- a/_sub/monitoring/datadog-agent-kubernetes/dependencies.tf
+++ /dev/null
@@ -1,149 +0,0 @@
-data "github_repository" "main" {
- full_name = "${var.github_owner}/${var.repo_name}"
-}
-
-locals {
- default_repo_branch = data.github_repository.main.default_branch
- repo_branch = length(var.repo_branch) > 0 ? var.repo_branch : local.default_repo_branch
- cluster_repo_path = "clusters/${var.cluster_name}"
- helm_repo_path = "platform-apps/${var.cluster_name}/${var.deploy_name}/helm"
- config_repo_path = "platform-apps/${var.cluster_name}/${var.deploy_name}/config"
- app_install_name = "platform-apps-${var.deploy_name}"
-
- app_helm_path = {
- "apiVersion" = "kustomize.toolkit.fluxcd.io/v1"
- "kind" = "Kustomization"
- "metadata" = {
- "name" = "${local.app_install_name}-helm"
- "namespace" = "flux-system"
- }
- "spec" = {
- "interval" = "1m0s"
- "dependsOn" = [
- {
- "name" = "platform-apps-sources"
- }
- ]
- "sourceRef" = {
- "kind" = "GitRepository"
- "name" = "flux-system"
- }
- "path" = "./${local.helm_repo_path}"
- "prune" = var.prune
- }
- }
-
- app_config_path = {
- "apiVersion" = "kustomize.toolkit.fluxcd.io/v1"
- "kind" = "Kustomization"
- "metadata" = {
- "name" = "${local.app_install_name}-config"
- "namespace" = "flux-system"
- }
- "spec" = {
- "interval" = "1m0s"
- "dependsOn" = [
- {
- "name" = "${local.app_install_name}-helm"
- }
- ]
- "sourceRef" = {
- "kind" = "GitRepository"
- "name" = "flux-system"
- }
- "path" = "./${local.config_repo_path}"
- "prune" = var.prune
- }
- }
-
- helm_install = {
- "apiVersion" = "kustomize.config.k8s.io/v1beta1"
- "kind" = "Kustomization"
- "resources" = [
- "${var.gitops_apps_repo_url}/apps/${var.deploy_name}?ref=${var.gitops_apps_repo_branch}"
- ]
- "patchesStrategicMerge" = [
- "patch.yaml"
- ]
- }
-
- helm_patch = {
- "apiVersion" = "helm.toolkit.fluxcd.io/v2beta1"
- "kind" = "HelmRelease"
- "metadata" = {
- "name" = "datadog-operator"
- "namespace" = var.namespace
- }
- "spec" = {
- "chart" = {
- "spec" = {
- "version" = var.helm_chart_version
- }
- }
- }
- }
-
- config_init = {
- 
"apiVersion" = "kustomize.config.k8s.io/v1beta1" - "kind" = "Kustomization" - "resources" = [ - "agent.yaml" - ] - } - - config_agent = < 0~} - tolerations: -%{for t in var.tolerations~} - - key: ${t.key} - operator: ${t.operator} -%{if t.value != null~} - value: ${t.value} -%{endif~} - effect: ${t.effect} -%{endfor~} -%{endif~} - features: - apm: - enabled: true - logCollection: - enabled: true - containerCollectAll: true - eventCollection: - collectKubernetesEvents: true - liveProcessCollection: - enabled: true - liveContainerCollection: - enabled: true - admissionController: - enabled: false - externalMetricsServer: - enabled: false - useDatadogMetrics: false - clusterChecks: - enabled: true - npm: - enabled: true - usm: - enabled: true - YAML - -} diff --git a/_sub/monitoring/datadog-agent-kubernetes/main.tf b/_sub/monitoring/datadog-agent-kubernetes/main.tf deleted file mode 100644 index 8274a42da..000000000 --- a/_sub/monitoring/datadog-agent-kubernetes/main.tf +++ /dev/null 
@@ -1,50 +0,0 @@
-# --------------------------------------------------
-# Create JSON files to be picked up by Flux CD
-# --------------------------------------------------
-resource "github_repository_file" "datadog_provider_helm" {
- repository = var.repo_name
- branch = local.repo_branch
- file = "${local.cluster_repo_path}/${local.app_install_name}-helm.yaml"
- content = jsonencode(local.app_helm_path)
- overwrite_on_create = var.overwrite_on_create
-}
-
-resource "github_repository_file" "datadog_provider_helm_install" {
- repository = var.repo_name
- branch = local.repo_branch
- file = "${local.helm_repo_path}/kustomization.yaml"
- content = jsonencode(local.helm_install)
- overwrite_on_create = var.overwrite_on_create
-}
-
-resource "github_repository_file" "datadog_provider_helm_patch" {
- repository = var.repo_name
- branch = local.repo_branch
- file = "${local.helm_repo_path}/patch.yaml"
- content = jsonencode(local.helm_patch)
- overwrite_on_create = var.overwrite_on_create
-}
-
-resource "github_repository_file" "datadog_config_path" {
- repository = var.repo_name
- branch = local.repo_branch
- file = "${local.cluster_repo_path}/${local.app_install_name}-config.yaml"
- content = jsonencode(local.app_config_path)
- overwrite_on_create = var.overwrite_on_create
-}
-
-resource "github_repository_file" "datadog_config_agent" {
- repository = var.repo_name
- branch = local.repo_branch
- file = "${local.config_repo_path}/agent.yaml"
- content = local.config_agent
- overwrite_on_create = var.overwrite_on_create
-}
-
-resource "github_repository_file" "datadog_config_init" {
- repository = var.repo_name
- branch = local.repo_branch
- file = "${local.config_repo_path}/kustomization.yaml"
- content = jsonencode(local.config_init)
- overwrite_on_create = var.overwrite_on_create
-}
\ No newline at end of file
diff --git a/_sub/monitoring/datadog-agent-kubernetes/outputs.tf b/_sub/monitoring/datadog-agent-kubernetes/outputs.tf
deleted file mode 100644
index e69de29bb..000000000
diff --git a/_sub/monitoring/datadog-agent-kubernetes/vars.tf b/_sub/monitoring/datadog-agent-kubernetes/vars.tf
deleted file mode 100644
index 9f9048be6..000000000
--- a/_sub/monitoring/datadog-agent-kubernetes/vars.tf
+++ /dev/null
@@ -1,96 +0,0 @@
-variable "cluster_name" {
- type = string
-}
-
-variable "deploy_name" {
- type = string
- description = "Unique identifier of the deployment, only needs override if deploying multiple instances"
- default = "datadog-operator"
-}
-
-variable "namespace" {
- type = string
- default = "datadog"
- description = "The namespace in which to deploy Helm resources"
-}
-
-variable "github_owner" {
- type = string
- description = "Name of the Github owner (previously: organization)"
-}
-
-variable "repo_name" {
- type = string
- description = "Name of the Github repo to store the manifests in"
-}
-
-variable "repo_branch" {
- type = string
- description = "Override the default branch of the repo (optional)"
- default = null
-}
-
-variable "helm_chart_version" {
- type = string
- description = "The version of the DataDog Helm Chart that should be used"
- default = null
-}
-
-variable "overwrite_on_create" {
- type = bool
- default = true
- description = "Enable overwriting existing files"
-}
-
-variable "gitops_apps_repo_url" {
- type = string
- default = ""
- description = "The https url for your GitOps manifests"
-}
-
-variable "gitops_apps_repo_branch" {
- type = string
- default = "main"
- description = "The default branch for your GitOps manifests"
-}
-
-variable "api_secret_name" {
- type = string
- default = "datadog-secret"
-}
-
-variable "api_secret_key" {
- type = string
- default = "api-key"
-}
-
-variable "app_secret_name" {
- type = string
- default = "datadog-secret"
-}
-
-variable "app_secret_key" {
- type = string
- default = "app-key"
-}
-
-variable "site" {
- type = string
- default = "datadoghq.eu"
-}
-
-variable "tolerations" {
- type = list(object({
- key = string,
- operator = string,
- value = optional(string),
- effect = string,
- }))
- default = []
-}
-
-variable "prune" {
- type = bool
- default = true
- description = "Enable Garbage collection"
-}
diff --git a/_sub/monitoring/datadog-agent-kubernetes/versions.tf b/_sub/monitoring/datadog-agent-kubernetes/versions.tf
deleted file mode 100644
index 4d166aa6d..000000000
--- a/_sub/monitoring/datadog-agent-kubernetes/versions.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-terraform {
- required_version = "~> 1.0"
-
- required_providers {
- github = {
- source = "integrations/github"
- version = "~> 5.42.0"
- }
- }
-}
diff --git a/_sub/monitoring/datadog-integration-aws/main.tf b/_sub/monitoring/datadog-integration-aws/main.tf
deleted file mode 100644
index 5c362664f..000000000
--- a/_sub/monitoring/datadog-integration-aws/main.tf
+++ /dev/null
@@ -1,131 +0,0 @@
-resource "datadog_integration_aws" "account" {
- count = var.deploy ? 1 : 0
- account_id = var.aws_account_id
- role_name = var.datadog_integration_role_name # Not referenced via module.datadog_iam_role to avoid cyclic dependency
- filter_tags = var.filter_tags
- host_tags = var.host_tags
- account_specific_namespace_rules = var.account_specific_namespace_rules
- metrics_collection_enabled = var.metrics_collection_enabled
- resource_collection_enabled = var.resource_collection_enabled
- excluded_regions = ["us-east-1", "us-east-2", "us-west-1", "us-west-2", "ca-central-1", "af-south-1", "ap-east-1", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "ap-south-1", "ap-south-2", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", "ap-southeast-4", "eu-north-1", "eu-central-2", "eu-south-1", "eu-south-2", "eu-west-2", "eu-west-3", "me-central-1", "me-south-1", "sa-east-1"]
-}
-
-module "datadog_iam_role" {
- count = var.deploy ? 1 : 0
- source = "../..//security//iam-role"
- role_name = var.datadog_integration_role_name
- role_description = "Datadog Integration Role"
- assume_role_policy = data.aws_iam_policy_document.assume_datadog[0].json
-
- role_policy_name = "DatadogIntegrationPolicy"
- role_policy_document = data.aws_iam_policy_document.datadog_integration_aws[0].json
-}
-
-data "aws_iam_policy_document" "assume_datadog" {
- count = var.deploy ? 1 : 0
- statement {
- sid = "DatadogAssumeRole"
- actions = ["sts:AssumeRole"]
-
- principals {
- type = "AWS"
-
- identifiers = ["${var.datadog_aws_account_id}"]
- }
-
- condition {
- test = "ForAnyValue:StringEquals"
- variable = "sts:ExternalId"
- values = ["${datadog_integration_aws.account[0].external_id}"]
- }
-
- effect = "Allow"
- }
-}
-
-data "aws_iam_policy_document" "datadog_integration_aws" {
- count = var.deploy ? 
1 : 0
- statement {
- sid = "DatadogIntegration"
- effect = "Allow"
- actions = [
- "apigateway:GET",
- "autoscaling:Describe*",
- "backup:List*",
- "budgets:ViewBudget",
- "cloudfront:GetDistributionConfig",
- "cloudfront:ListDistributions",
- "cloudtrail:DescribeTrails",
- "cloudtrail:GetTrailStatus",
- "cloudtrail:LookupEvents",
- "cloudwatch:Describe*",
- "cloudwatch:Get*",
- "cloudwatch:List*",
- "codedeploy:List*",
- "codedeploy:BatchGet*",
- "directconnect:Describe*",
- "dynamodb:List*",
- "dynamodb:Describe*",
- "ec2:Describe*",
- "ecs:Describe*",
- "ecs:List*",
- "elasticache:Describe*",
- "elasticache:List*",
- "elasticfilesystem:DescribeFileSystems",
- "elasticfilesystem:DescribeTags",
- "elasticfilesystem:DescribeAccessPoints",
- "elasticloadbalancing:Describe*",
- "elasticmapreduce:List*",
- "elasticmapreduce:Describe*",
- "es:ListTags",
- "es:ListDomainNames",
- "es:DescribeElasticsearchDomains",
- "events:CreateEventBus",
- "fsx:DescribeFileSystems",
- "fsx:ListTagsForResource",
- "health:DescribeEvents",
- "health:DescribeEventDetails",
- "health:DescribeAffectedEntities",
- "kinesis:List*",
- "kinesis:Describe*",
- "lambda:GetPolicy",
- "lambda:List*",
- "logs:DeleteSubscriptionFilter",
- "logs:DescribeLogGroups",
- "logs:DescribeLogStreams",
- "logs:DescribeSubscriptionFilters",
- "logs:FilterLogEvents",
- "logs:PutSubscriptionFilter",
- "logs:TestMetricFilter",
- "organizations:Describe*",
- "organizations:List*",
- "rds:Describe*",
- "rds:List*",
- "redshift:DescribeClusters",
- "redshift:DescribeLoggingStatus",
- "route53:List*",
- "s3:GetBucketLogging",
- "s3:GetBucketLocation",
- "s3:GetBucketNotification",
- "s3:GetBucketTagging",
- "s3:ListAllMyBuckets",
- "s3:PutBucketNotification",
- "ses:Get*",
- "sns:List*",
- "sns:Publish",
- "sqs:ListQueues",
- "states:ListStateMachines",
- "states:DescribeStateMachine",
- "support:DescribeTrustedAdvisor*",
- "support:RefreshTrustedAdvisorCheck",
- "tag:GetResources",
- "tag:GetTagKeys",
- 
"tag:GetTagValues",
- "xray:BatchGetTraces",
- "xray:GetTraceSummaries"
- ]
- resources = [
- "*"
- ]
- }
-}
diff --git a/_sub/monitoring/datadog-integration-aws/outputs.tf b/_sub/monitoring/datadog-integration-aws/outputs.tf
deleted file mode 100644
index e69de29bb..000000000
diff --git a/_sub/monitoring/datadog-integration-aws/vars.tf b/_sub/monitoring/datadog-integration-aws/vars.tf
deleted file mode 100644
index 1af65131f..000000000
--- a/_sub/monitoring/datadog-integration-aws/vars.tf
+++ /dev/null
@@ -1,44 +0,0 @@
-variable "deploy" {
- type = bool
- default = false
-}
-
-variable "aws_account_id" {
- type = string
- default = null
-}
-
-variable "datadog_aws_account_id" {
- type = string
- default = null
-}
-
-variable "datadog_integration_role_name" {
- type = string
- default = "DatadogIntegrationRole"
-}
-
-variable "filter_tags" {
- type = list(string)
- default = null
-}
-
-variable "host_tags" {
- type = list(string)
- default = null
-}
-
-variable "account_specific_namespace_rules" {
- type = map(bool)
- default = null
-}
-
-variable "metrics_collection_enabled" {
- type = bool
- default = true
-}
-
-variable "resource_collection_enabled" {
- type = bool
- default = false
-}
\ No newline at end of file
diff --git a/_sub/monitoring/datadog-integration-aws/versions.tf b/_sub/monitoring/datadog-integration-aws/versions.tf
deleted file mode 100644
index 549419fd0..000000000
--- a/_sub/monitoring/datadog-integration-aws/versions.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-terraform {
- required_version = ">= 1.3.0, < 2.0.0"
-
- required_providers {
- datadog = {
- source = "DataDog/datadog"
- version = "3.34.0"
- }
-
- aws = {
- source = "hashicorp/aws"
- version = "~> 5.31.0"
- }
- }
-}