The AWS Integration with Terraform

docs>integrations>The AWS Integration with Terraform
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Using Terraform, you can create the Datadog IAM role, policy document, and the Datadog-AWS integration with a single terraform apply command.

  1. Configure the Datadog Terraform provider to interact with the Datadog API through a Terraform configuration.

  2. Set up your Terraform configuration file using the example below as a base template. Ensure to update the following parameters before you apply the changes:

    • AWS_PERMISSIONS_LIST: The IAM policies needed by Datadog AWS integrations. The current list is available in the Datadog AWS integration documentation.
    • AWS_ACCOUNT_ID: Your AWS account ID.

See the Terraform Registry for further example usage and the full list of optional parameters, as well as additional Datadog resources.

data "aws_iam_policy_document" "datadog_aws_integration_assume_role" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type = "AWS"
      identifiers = ["arn:aws:iam::464622532012:root"]
    }
    condition {
      test = "StringEquals"
      variable = "sts:ExternalId"

      values = [
        "${datadog_integration_aws.sandbox.external_id}"
      ]
    }
  }
}

data "aws_iam_policy_document" "datadog_aws_integration" {
  statement {
    actions = [<AWS_PERMISSIONS_LIST>]

    resources = ["*"]
  }
}

resource "aws_iam_policy" "datadog_aws_integration" {
  name = "DatadogAWSIntegrationPolicy"
  policy = "${data.aws_iam_policy_document.datadog_aws_integration.json}"
}

resource "aws_iam_role" "datadog_aws_integration" {
  name = "DatadogAWSIntegrationRole"
  description = "Role for Datadog AWS Integration"
  assume_role_policy = "${data.aws_iam_policy_document.datadog_aws_integration_assume_role.json}"
}

resource "aws_iam_role_policy_attachment" "datadog_aws_integration" {
  role = "${aws_iam_role.datadog_aws_integration.name}"
  policy_arn = "${aws_iam_policy.datadog_aws_integration.arn}"
}

resource "datadog_integration_aws" "sandbox" {
  account_id  = "<AWS_ACCOUNT_ID>"
  role_name   = "DatadogAWSIntegrationRole"
}
  1. Run terraform apply. Wait up to 10 minutes for data to start being collected, and then view the out-of-the-box AWS overview dashboard to see metrics sent by your AWS services and infrastructure.

Documentation, liens et articles supplémentaires utiles:

Managing Datadog with TerraformBLOG more more