Last active
October 26, 2021 08:10
-
-
Save mnanchev/6cc94a2ec3bf8ecf0034ffa29d73cbd8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Creation of databrew role used by forecast and databrew | |
| const dataBrewRole = new Role(this, 'costAndUsageReportRole', { | |
| roleName: 'dataBrewServiceRole', | |
| assumedBy: new CompositePrincipal( | |
| new ServicePrincipal('databrew.amazonaws.com'), | |
| new ServicePrincipal('forecast.amazonaws.com'), | |
| ), | |
| path: '/service-role/', | |
| }); | |
| // create a bucket to store cost and usage report with aws managed encryption and versioning | |
| const reportBucket = new Bucket(this, 'costAndUsageReportBucket', { | |
| encryption: BucketEncryption.S3_MANAGED, | |
| bucketName: 'cost-and-usage-report-2021-12-12', | |
| versioned: true, | |
| autoDeleteObjects: true, | |
| removalPolicy: RemovalPolicy.DESTROY, | |
| }); | |
| // add read permissions for billingreport to put cost and usage report and databrew to get the report | |
| // and transform the data | |
| reportBucket.addToResourcePolicy( | |
| new PolicyStatement({ | |
| resources: [reportBucket.arnForObjects('*'), reportBucket.bucketArn], | |
| actions: ['s3:GetBucketAcl', 's3:GetBucketPolicy', 's3:PutObject', 's3:GetObject'], | |
| principals: [ | |
| new ServicePrincipal('billingreports.amazonaws.com'), | |
| new ServicePrincipal('databrew.amazonaws.com'), | |
| new AccountPrincipal(this.account), | |
| ], | |
| }), | |
| ); | |
| // Deploy a sample cost and usage report to use it for test | |
| const prefixCreation = new BucketDeployment(this, 'PrefixCreator', { | |
| sources: [Source.asset('./assets')], | |
| destinationBucket: reportBucket, | |
| destinationKeyPrefix: `2021`, // optional prefix in destination bucket | |
| }); | |
| // add dependency to put the file after the report bucket was created | |
| prefixCreation.node.addDependency(reportBucket); | |
| // Create cost and usage report | |
| // We use parquet because it is highly optimized and offers | |
| // a good value for speed/storage | |
| // A new report version will be created for each day. | |
| // An alternative is OVERWRITE_REPORT, because it saves storage and we | |
| // already have versioning enabled. Th problem is that this files will | |
| //grow bigger each day and i would suggest to create a new file for each new year. | |
| // A S3 lifecycle policy will also be a good idea | |
| new CfnReportDefinition(this, 'costAndUsageReport', { | |
| compression: 'Parquet', | |
| format: 'Parquet', | |
| refreshClosedReports: true, | |
| reportName: 'cost-and-usage-report-2021-12-12', | |
| reportVersioning: 'CREATE_NEW_REPORT', | |
| s3Bucket: 'cost-and-usage-report-2021-12-12', | |
| s3Prefix: '2021', | |
| s3Region: 'us-east-1', | |
| timeUnit: 'HOURLY', | |
| }).addDependsOn( | |
| reportBucket.node.defaultChild as CfnBucket, | |
| ); | |
| // We grant dataBrwRole read and write permissions to both buckets | |
| outputBucket.grantReadWrite(dataBrewRole); | |
| reportBucket.grantReadWrite(dataBrewRole); | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment