diff --git a/README.md b/README.md index 41efb957..aa450bba 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ This CDK library automatically configures ingestion of metrics, traces, and logs ## AWS CDK v1 vs AWS CDK v2 -**WARNING**: `AWS CDK v1` has reached end-of-support and `datadog-cdk-constructs` will no longer be receiving updates. It's strongly recommended to upgrade to `AWS CDK v2` ([official migration guide](https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html)) and switch to using `datadog-cdk-constructs-v2`. +**WARNING**: `AWS CDK v1` has reached end-of-support and `datadog-cdk-constructs` will no longer be receiving updates. It's strongly recommended to upgrade to `AWS CDK v2` ([official migration guide](https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html)) and switch to using `datadog-cdk-constructs-v2`. Two separate versions of Datadog CDK Constructs exist; `datadog-cdk-constructs` and `datadog-cdk-constructs-v2`. These are designed to work with `AWS CDK v1` and `AWS CDK v2` respectively. @@ -27,6 +27,7 @@ Two separate versions of Datadog CDK Constructs exist; `datadog-cdk-constructs` ## npm Package Installation: For use with AWS CDK v2: + ``` yarn add --dev datadog-cdk-constructs-v2 # or @@ -34,6 +35,7 @@ npm install datadog-cdk-constructs-v2 --save-dev ``` For use with AWS CDK v1: + ``` yarn add --dev datadog-cdk-constructs # or @@ -43,15 +45,27 @@ npm install datadog-cdk-constructs --save-dev ## PyPI Package Installation: For use with AWS CDK v2: + ``` pip install datadog-cdk-constructs-v2 ``` For use with AWS CDK v1: + ``` pip install datadog-cdk-constructs ``` +## Go Package Installation: + +For use with AWS CDK v2: + +``` +go get github.com/DataDog/datadog-cdk-constructs/dist/go/ddcdkconstruct +``` + +AWS CDK v1 is not supported. + ### Note: Pay attention to the output from your package manager as the `Datadog CDK Construct Library` has peer dependencies. @@ -65,6 +79,8 @@ Pay attention to the output from your package manager as the `Datadog CDK Constr Add this to your CDK stack: +#### TypeScript + ```typescript import { Datadog } from "datadog-cdk-constructs-v2"; @@ -97,67 +113,93 @@ datadog.addLambdaFunctions([]) datadog.addForwarderToNonLambdaLogGroups([]) ``` +#### Go + +```go +import ( + "github.com/DataDog/datadog-cdk-constructs-go/ddcdkconstruct" +) +datadog := ddcdkconstruct.NewDatadog( + stack, + jsii.String("Datadog"), + &ddcdkconstruct.DatadogProps{ + NodeLayerVersion: jsii.Number(), + AddLayers: jsii.Bool(), + Site: jsii.String(), + ApiKey: jsii.String(os.Getenv("DD_API_KEY")), + // ... + }) +datadog.AddLambdaFunctions(&[]interface{}{myFunction}, nil) +datadog.AddForwarderToNonLambdaLogGroups() +``` + ## Source Code Integration + [Source code integration](https://docs.datadoghq.com/integrations/guide/source-code-integration/) is enabled by default through automatic lambda tagging, and will work if: -- The Datadog Github Integration is installed. +- The Datadog Github integration is installed. - Your datadog-cdk dependency satisfies either of the below versions: - `datadog-cdk-constructs-v2` >= 1.4.0 - `datadog-cdk-constructs` >= 0.8.5 ### Alternative Methods to Enable Source Code Integration -If the automatic implementation doesn't work for your case, please follow one of the two guides below. + +If the automatic implementation doesn't work for your case, please follow one of the two guides below. **Note: these alternate guides only work for Typescript.** +
- datadog-cdk version satisfied, but Datadog Github Integration NOT installed + datadog-cdk version satisfied, but Datadog Github integration NOT installed - If the Datadog Github Integration is not installed, you need to import the `datadog-ci` package and manually upload your Git metadata to Datadog. - We recommend you do this where your CDK Stack is initialized. +If the Datadog Github integration is not installed, you need to import the `datadog-ci` package and manually upload your Git metadata to Datadog. +For the best results, import the `datadog-ci` package where your CDK Stack is initialized. - ```typescript - const app = new cdk.App(); +```typescript +const app = new cdk.App(); - // Make sure to add @datadog/datadog-ci via your package manager - const datadogCi = require("@datadog/datadog-ci"); - // Manually uploading Git metadata to Datadog. - datadogCi.gitMetadata.uploadGitCommitHash('{Datadog_API_Key}', '') +// Make sure to add @datadog/datadog-ci via your package manager +const datadogCi = require("@datadog/datadog-ci"); +// Manually uploading Git metadata to Datadog. +datadogCi.gitMetadata.uploadGitCommitHash("{Datadog_API_Key}", ""); - const app = new cdk.App(); - new ExampleStack(app, "ExampleStack", {}); +const app = new cdk.App(); +new ExampleStack(app, "ExampleStack", {}); + +app.synth(); +``` - app.synth(); - ```
datadog-cdk version NOT satisfied - Change your initialization function as follows (note: we're changing this to pass just the `gitHash` value to the CDK): +Change your initialization function as follows (in this case, `gitHash` value is passed to the CDK): - ```typescript - async function main() { - // Make sure to add @datadog/datadog-ci via your package manager - const datadogCi = require("@datadog/datadog-ci"); - const [, gitHash] = await datadogCi.gitMetadata.uploadGitCommitHash('{Datadog_API_Key}', '') +```typescript +async function main() { + // Make sure to add @datadog/datadog-ci via your package manager + const datadogCi = require("@datadog/datadog-ci"); + const [, gitHash] = await datadogCi.gitMetadata.uploadGitCommitHash("{Datadog_API_Key}", ""); - const app = new cdk.App(); - // Pass in the hash to the ExampleStack constructor - new ExampleStack(app, "ExampleStack", {}, gitHash); - } - ``` - Ensure you call this function to initialize your stack. - - In your stack constructor, change to add an optional `gitHash` parameter, and call `addGitCommitMetadata()`: - - ```typescript - export class ExampleStack extends cdk.Stack { - constructor(scope: cdk.App, id: string, props?: cdk.StackProps, gitHash?: string) { - ... - ... - datadog.addGitCommitMetadata([], gitHash) - } + const app = new cdk.App(); + // Pass in the hash to the ExampleStack constructor + new ExampleStack(app, "ExampleStack", {}, gitHash); +} +``` + +Ensure you call this function to initialize your stack. + +In your stack constructor, change to add an optional `gitHash` parameter, and call `addGitCommitMetadata()`: + +```typescript +export class ExampleStack extends cdk.Stack { + constructor(scope: cdk.App, id: string, props?: cdk.StackProps, gitHash?: string) { + ... + ... + datadog.addGitCommitMetadata([], gitHash) } - ``` +} +``` +
## Configuration @@ -166,42 +208,43 @@ To further configure your Datadog construct, use the following custom parameters _Note_: The descriptions use the npm package parameters, but they also apply to the PyPI package parameters. -| npm package parameter | PyPI package parameter | Description | -| --- | --- | --- | -| `addLayers` | `add_layers` | Whether to add the Lambda Layers or expect the user to bring their own. Defaults to `true`. When `true`, the Lambda Library version variables are also required. When `false`, you must include the Datadog Lambda library in your functions' deployment packages. | -| `pythonLayerVersion` | `python_layer_version` | Version of the Python Lambda layer to install, such as `83`. Required if you are deploying at least one Lambda function written in Python and `addLayers` is `true`. Find the latest version number [here][5]. | -| `nodeLayerVersion` | `node_layer_version` | Version of the Node.js Lambda layer to install, such as `100`. Required if you are deploying at least one Lambda function written in Node.js and `addLayers` is `true`. Find the latest version number from [here][6]. | -| `javaLayerVersion` | `java_layer_version` | Version of the Java layer to install, such as `8`. Required if you are deploying at least one Lambda function written in Java and `addLayers` is `true`. Find the latest version number in the [Serverless Java installation documentation][15]. **Note**: `extensionLayerVersion >= 25` and `javaLayerVersion >= 5` are required for the Datadog construct to instrument your Java functions properly. | -| `dotnetLayerVersion` | `dotnet_layer_version` | Version of the .NET layer to install, such as `13`. Required if you are deploying at least one Lambda function written in .NET and `addLayers` is `true`. Find the latest version number from [here][18]. | -| `extensionLayerVersion` | `extension_layer_version` | Version of the Datadog Lambda Extension layer to install, such as 5. When `extensionLayerVersion` is set, `apiKey` (or if encrypted, `apiKMSKey` or `apiKeySecretArn`) needs to be set as well. When enabled, lambda function log groups will not be subscribed by the forwarder. Learn more about the Lambda extension [here][12]. | -| `forwarderArn` | `forwarder_arn` | When set, the plugin will automatically subscribe the Datadog Forwarder to the functions' log groups. Do not set `forwarderArn` when `extensionLayerVersion` is set. | -| `createForwarderPermissions` | `createForwarderPermissions` | When set to `true`, creates a Lambda permission on the the Datadog Forwarder per log group. Since the Datadog Forwarder has permissions configured by default, this is unnecessary in most use cases. | -| `flushMetricsToLogs` | `flush_metrics_to_logs` | Send custom metrics using CloudWatch logs with the Datadog Forwarder Lambda function (recommended). Defaults to `true` . If you disable this parameter, it's required to set `apiKey` (or if encrypted, `apiKMSKey` or `apiKeySecretArn`). | -| `site` | `site` | Set which Datadog site to send data. This is only used when `flushMetricsToLogs` is `false` or `extensionLayerVersion` is set. Possible values are `datadoghq.com`, `datadoghq.eu`, `us3.datadoghq.com`, `us5.datadoghq.com`, `ap1.datadoghq.com`, and `ddog-gov.com`. The default is `datadoghq.com`. | -| `apiKey` | `api_key` | Datadog API Key, only needed when `flushMetricsToLogs` is `false` or `extensionLayerVersion` is set. For more information about getting a Datadog API key, see the [API key documentation][8]. | -| `apiKeySecretArn` | `api_key_secret_arn` | The ARN of the secret storing the Datadog API key in AWS Secrets Manager. Use this parameter in place of `apiKey` when `flushMetricsToLogs` is `false` or `extensionLayer` is set. Remember to add the `secretsmanager:GetSecretValue` permission to the Lambda execution role. | -| `apiKeySecret` | `api_key_secret` | An [AWS CDK ISecret][16] representing a secret storing the Datadog API key in AWS Secrets Manager. Use this parameter in place of `apiKeySecretArn` to automatically grant your Lambda execution roles read access to the given secret. [See here](#automatically-grant-aws-secret-read-access-to-lambda-execution-role) for an example. **Only available in datadog-cdk-constructs-v2**. | -| `apiKmsKey` | `api_kms_key` | Datadog API Key encrypted using KMS. Use this parameter in place of `apiKey` when `flushMetricsToLogs` is `false` or `extensionLayerVersion` is set, and you are using KMS encryption. | -| `enableDatadogTracing` | `enable_datadog_tracing` | Enable Datadog tracing on your Lambda functions. Defaults to `true`. | -| `enableMergeXrayTraces` | `enable_merge_xray_traces` | Enable merging X-Ray traces on your Lambda functions. Defaults to `false`. | -| `enableDatadogLogs` | `enable_datadog_logs` | Send Lambda function logs to Datadog via the Datadog Lambda Extension. Defaults to `true`. Note: This setting has no effect on logs sent via the Datadog Forwarder. | -| `enableSourceCodeIntegration` | `enable_source_code_integration` | Enable Datadog Source Code Integration, connecting your telemetry with application code in your Git repositories. This requires the Datadog Github Integration to work, otherwise please follow the [alternative method](#alternative-methods-to-enable-source-code-integration). Learn more [here](https://docs.datadoghq.com/integrations/guide/source-code-integration/). Defaults to `true`. | -| `injectLogContext` | `inject_log_context` | When set, the Lambda layer will automatically patch console.log with Datadog's tracing ids. Defaults to `true`. | -| `logLevel` | `log_level` | When set to `debug`, the Datadog Lambda Library and Extension will log additional information to help troubleshoot issues. | -| `env` | `env` | When set along with `extensionLayerVersion`, a `DD_ENV` environment variable is added to all Lambda functions with the provided value. When set along with `forwarderArn`, an `env` tag is added to all Lambda functions with the provided value. | -| `service` | `service` | When set along with `extensionLayerVersion`, a `DD_SERVICE` environment variable is added to all Lambda functions with the provided value. When set along with `forwarderArn`, a `service` tag is added to all Lambda functions with the provided value. | -| `version` | `version` | When set along with `extensionLayerVersion`, a `DD_VERSION` environment variable is added to all Lambda functions with the provided value. When set along with `forwarderArn`, a `version` tag is added to all Lambda functions with the provided value. | -| `tags` | `tags` | A comma separated list of key:value pairs as a single string. When set along with `extensionLayerVersion`, a `DD_TAGS` environment variable is added to all Lambda functions with the provided value. When set along with `forwarderArn`, the cdk parses the string and sets each key:value pair as a tag to all Lambda functions. | -| `enableColdStartTracing` | `enable_cold_start_tracing` | Set to `false` to disable Cold Start Tracing. Used in Node.js and Python. Defaults to `true`. | -| `coldStartTraceMinDuration` | `min_cold_start_trace_duration` | Sets the minimum duration (in milliseconds) for a module load event to be traced via Cold Start Tracing. Number. Defaults to `3`. | -| `coldStartTraceSkipLibs` | `cold_start_trace_skip_libs`| Optionally skip creating Cold Start Spans for a comma-separated list of libraries. Useful to limit depth or skip known libraries. Default depends on runtime. | -| `enableProfiling` | `enable_profiling` | Enable the Datadog Continuous Profiler with `true`. Supported in Beta for Node.js and Python. Defaults to `false`. | -| `encodeAuthorizerContext` |`encode_authorizer_context` | When set to `true` for Lambda authorizers, the tracing context will be encoded into the response for propagation. Supported for Node.js and Python. Defaults to `true`. | -| `decodeAuthorizerContext` |`decode_authorizer_context` | When set to `true` for Lambdas that are authorized via Lambda authorizers, it will parse and use the encoded tracing context (if found). Supported for Node.js and Python. Defaults to `true`. | -| `apmFlushDeadline` | `apm_flush_deadline` | Used to determine when to submit spans before a timeout occurs, in milliseconds. When the remaining time in an AWS Lambda invocation is less than the value set, the tracer attempts to submit the current active spans and all finished spans. Supported for Node.js and Python. Defaults to `100` milliseconds. | -| `redirectHandler` | `redirect_handler` | When set to `false`, skip redirecting handler to the Datadog Lambda Library's handler. Useful when only instrumenting with Datadog Lambda Extension. Defaults to `true`. | +| npm package parameter | PyPI package parameter | Description | +| ----------------------------- | -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `addLayers` | `add_layers` | Whether to add the Lambda Layers or expect the user to bring their own. Defaults to `true`. When `true`, the Lambda Library version variables are also required. When `false`, you must include the Datadog Lambda library in your functions' deployment packages. | +| `pythonLayerVersion` | `python_layer_version` | Version of the Python Lambda layer to install, such as `83`. Required if you are deploying at least one Lambda function written in Python and `addLayers` is `true`. Find the latest version number [here][5]. | +| `nodeLayerVersion` | `node_layer_version` | Version of the Node.js Lambda layer to install, such as `100`. Required if you are deploying at least one Lambda function written in Node.js and `addLayers` is `true`. Find the latest version number from [here][6]. | +| `javaLayerVersion` | `java_layer_version` | Version of the Java layer to install, such as `8`. Required if you are deploying at least one Lambda function written in Java and `addLayers` is `true`. Find the latest version number in the [Serverless Java installation documentation][15]. **Note**: `extensionLayerVersion >= 25` and `javaLayerVersion >= 5` are required for the Datadog construct to instrument your Java functions properly. | +| `dotnetLayerVersion` | `dotnet_layer_version` | Version of the .NET layer to install, such as `13`. Required if you are deploying at least one Lambda function written in .NET and `addLayers` is `true`. Find the latest version number from [here][18]. | +| `extensionLayerVersion` | `extension_layer_version` | Version of the Datadog Lambda Extension layer to install, such as 5. When `extensionLayerVersion` is set, `apiKey` (or if encrypted, `apiKMSKey` or `apiKeySecretArn`) needs to be set as well. When enabled, lambda function log groups will not be subscribed by the forwarder. Learn more about the Lambda extension [here][12]. | +| `forwarderArn` | `forwarder_arn` | When set, the plugin will automatically subscribe the Datadog Forwarder to the functions' log groups. Do not set `forwarderArn` when `extensionLayerVersion` is set. | +| `createForwarderPermissions` | `createForwarderPermissions` | When set to `true`, creates a Lambda permission on the the Datadog Forwarder per log group. Since the Datadog Forwarder has permissions configured by default, this is unnecessary in most use cases. | +| `flushMetricsToLogs` | `flush_metrics_to_logs` | Send custom metrics using CloudWatch logs with the Datadog Forwarder Lambda function (recommended). Defaults to `true` . If you disable this parameter, it's required to set `apiKey` (or if encrypted, `apiKMSKey` or `apiKeySecretArn`). | +| `site` | `site` | Set which Datadog site to send data. This is only used when `flushMetricsToLogs` is `false` or `extensionLayerVersion` is set. Possible values are `datadoghq.com`, `datadoghq.eu`, `us3.datadoghq.com`, `us5.datadoghq.com`, `ap1.datadoghq.com`, and `ddog-gov.com`. The default is `datadoghq.com`. | +| `apiKey` | `api_key` | Datadog API Key, only needed when `flushMetricsToLogs` is `false` or `extensionLayerVersion` is set. For more information about getting a Datadog API key, see the [API key documentation][8]. | +| `apiKeySecretArn` | `api_key_secret_arn` | The ARN of the secret storing the Datadog API key in AWS Secrets Manager. Use this parameter in place of `apiKey` when `flushMetricsToLogs` is `false` or `extensionLayer` is set. Remember to add the `secretsmanager:GetSecretValue` permission to the Lambda execution role. | +| `apiKeySecret` | `api_key_secret` | An [AWS CDK ISecret][16] representing a secret storing the Datadog API key in AWS Secrets Manager. Use this parameter in place of `apiKeySecretArn` to automatically grant your Lambda execution roles read access to the given secret. [See here](#automatically-grant-aws-secret-read-access-to-lambda-execution-role) for an example. **Only available in datadog-cdk-constructs-v2**. | +| `apiKmsKey` | `api_kms_key` | Datadog API Key encrypted using KMS. Use this parameter in place of `apiKey` when `flushMetricsToLogs` is `false` or `extensionLayerVersion` is set, and you are using KMS encryption. | +| `enableDatadogTracing` | `enable_datadog_tracing` | Enable Datadog tracing on your Lambda functions. Defaults to `true`. | +| `enableMergeXrayTraces` | `enable_merge_xray_traces` | Enable merging X-Ray traces on your Lambda functions. Defaults to `false`. | +| `enableDatadogLogs` | `enable_datadog_logs` | Send Lambda function logs to Datadog via the Datadog Lambda Extension. Defaults to `true`. Note: This setting has no effect on logs sent via the Datadog Forwarder. | +| `enableSourceCodeIntegration` | `enable_source_code_integration` | Enable Datadog Source Code Integration, connecting your telemetry with application code in your Git repositories. This requires the Datadog Github integration to work, otherwise please follow the [alternative method](#alternative-methods-to-enable-source-code-integration). Learn more [here](https://docs.datadoghq.com/integrations/guide/source-code-integration/). Defaults to `true`. | +| `injectLogContext` | `inject_log_context` | When set, the Lambda layer will automatically patch console.log with Datadog's tracing ids. Defaults to `true`. | +| `logLevel` | `log_level` | When set to `debug`, the Datadog Lambda Library and Extension will log additional information to help troubleshoot issues. | +| `env` | `env` | When set along with `extensionLayerVersion`, a `DD_ENV` environment variable is added to all Lambda functions with the provided value. When set along with `forwarderArn`, an `env` tag is added to all Lambda functions with the provided value. | +| `service` | `service` | When set along with `extensionLayerVersion`, a `DD_SERVICE` environment variable is added to all Lambda functions with the provided value. When set along with `forwarderArn`, a `service` tag is added to all Lambda functions with the provided value. | +| `version` | `version` | When set along with `extensionLayerVersion`, a `DD_VERSION` environment variable is added to all Lambda functions with the provided value. When set along with `forwarderArn`, a `version` tag is added to all Lambda functions with the provided value. | +| `tags` | `tags` | A comma separated list of key:value pairs as a single string. When set along with `extensionLayerVersion`, a `DD_TAGS` environment variable is added to all Lambda functions with the provided value. When set along with `forwarderArn`, the cdk parses the string and sets each key:value pair as a tag to all Lambda functions. | +| `enableColdStartTracing` | `enable_cold_start_tracing` | Set to `false` to disable Cold Start Tracing. Used in Node.js and Python. Defaults to `true`. | +| `coldStartTraceMinDuration` | `min_cold_start_trace_duration` | Sets the minimum duration (in milliseconds) for a module load event to be traced via Cold Start Tracing. Number. Defaults to `3`. | +| `coldStartTraceSkipLibs` | `cold_start_trace_skip_libs` | Optionally skip creating Cold Start Spans for a comma-separated list of libraries. Useful to limit depth or skip known libraries. Default depends on runtime. | +| `enableProfiling` | `enable_profiling` | Enable the Datadog Continuous Profiler with `true`. Supported in Beta for Node.js and Python. Defaults to `false`. | +| `encodeAuthorizerContext` | `encode_authorizer_context` | When set to `true` for Lambda authorizers, the tracing context will be encoded into the response for propagation. Supported for Node.js and Python. Defaults to `true`. | +| `decodeAuthorizerContext` | `decode_authorizer_context` | When set to `true` for Lambdas that are authorized via Lambda authorizers, it will parse and use the encoded tracing context (if found). Supported for Node.js and Python. Defaults to `true`. | +| `apmFlushDeadline` | `apm_flush_deadline` | Used to determine when to submit spans before a timeout occurs, in milliseconds. When the remaining time in an AWS Lambda invocation is less than the value set, the tracer attempts to submit the current active spans and all finished spans. Supported for Node.js and Python. Defaults to `100` milliseconds. | +| `redirectHandler` | `redirect_handler` | When set to `false`, skip redirecting handler to the Datadog Lambda Library's handler. Useful when only instrumenting with Datadog Lambda Extension. Defaults to `true`. | **Note**: Using the parameters above may override corresponding function level `DD_XXX` environment variables. + ### Tracing Enable X-Ray Tracing on your Lambda functions. For more information, see [CDK documentation][9]. @@ -285,6 +328,7 @@ class NestedStack extends cdk.NestedStack { Add tags to your constructs. We recommend setting an `env` and `service` tag to tie Datadog telemetry together. For more information see [official AWS documentation][10] and [CDK documentation][11]. ## Automatically grant AWS secret read access to Lambda execution role + **Only available in datadog-cdk-constructs-v2** To automatically grant your Lambda execution roles read access to a given secret, pass in `apiKeySecret` in place of `apiKeySecretArn` when initializing the Datadog construct. @@ -309,7 +353,6 @@ The Datadog CDK construct takes in a list of lambda functions and installs the D While Lambda function based log groups are handled by the `addLambdaFunctions` method automatically, the construct has an additional function `addForwarderToNonLambdaLogGroups` which subscribes the forwarder to any additional log groups of your choosing. - ## Resources to learn about CDK - [CDK TypeScript Workshop](https://cdkworkshop.com/20-typescript.html) diff --git a/examples/go-stack/.gitignore b/examples/go-stack/.gitignore new file mode 100644 index 00000000..f29e2876 --- /dev/null +++ b/examples/go-stack/.gitignore @@ -0,0 +1,20 @@ +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib +app + +# Test binary, built with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# go.sum should be committed +!go.sum + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/examples/go-stack/README.md b/examples/go-stack/README.md new file mode 100644 index 00000000..ec51cee2 --- /dev/null +++ b/examples/go-stack/README.md @@ -0,0 +1,18 @@ +# Datadog CDK Go Example + +Use this example Go stack to try out the [datadog-cdk-constructs](https://github.com/DataDog/datadog-cdk-constructs) v2 library. It contains Node, Python, and Go Lambda functions. + +## Getting Started + +1. Get a Datadog API key to send monitoring data ([Datadog API keys documentation](https://docs.datadoghq.com/account_management/api-app-keys/#add-an-api-key-or-client-token)). +1. Run `export DD_API_KEY=` to set the Datadog API key in your shell session. +1. Run `cdk synth` to synthesize the CloudFormation template. +1. Run `cdk diff` to see the resource and permission changes that are made. +1. Run `cdk deploy` to deploy the stack to AWS. +1. Invoke your Lambda functions and look for them in [Datadog Serverless Monitoring](https://app.datadoghq.com/functions?cloud=aws). + +![Image 2023-11-02 at 11 44 22 AM](https://github.com/DataDog/datadog-cdk-constructs/assets/35278470/9c7b7b15-27ff-4de1-8f54-f5c352f1774b) + +## Resources + +This demo project was created and modified from [Tutorial: Create your first AWS CDK app](https://docs.aws.amazon.com/cdk/v2/guide/hello_world.html) diff --git a/examples/go-stack/app.go b/examples/go-stack/app.go new file mode 100644 index 00000000..89e09fb0 --- /dev/null +++ b/examples/go-stack/app.go @@ -0,0 +1,94 @@ +package main + +import ( + "os" + + "github.com/DataDog/datadog-cdk-constructs-go/ddcdkconstruct" + "github.com/aws/aws-cdk-go/awscdk/v2" + "github.com/aws/aws-cdk-go/awscdk/v2/awslambda" + "github.com/aws/constructs-go/constructs/v10" + "github.com/aws/jsii-runtime-go" +) + +type AppStackProps struct { + awscdk.StackProps +} + +func NewAppStack(scope constructs.Construct, id string, props *AppStackProps) awscdk.Stack { + var sprops awscdk.StackProps + if props != nil { + sprops = props.StackProps + } + stack := awscdk.NewStack(scope, &id, &sprops) + + myFunction := awslambda.NewFunction(stack, jsii.String("HelloWorldFunction"), &awslambda.FunctionProps{ + Runtime: awslambda.Runtime_NODEJS_20_X(), // Provide any supported Node.js runtime + Handler: jsii.String("index.handler"), + Code: awslambda.Code_FromInline(jsii.String(` + exports.handler = async function(event) { + return { + statusCode: 200, + body: JSON.stringify('Hello World!'), + }; + }; + `)), + }) + + // Define the Lambda function URL resource + myFunctionUrl := myFunction.AddFunctionUrl(&awslambda.FunctionUrlOptions{ + AuthType: awslambda.FunctionUrlAuthType_NONE, + }) + + // Define a CloudFormation output for your URL + awscdk.NewCfnOutput(stack, jsii.String("myFunctionUrlOutput"), &awscdk.CfnOutputProps{ + Value: myFunctionUrl.Url(), + }) + + // Set up Datadog integration + datadog := ddcdkconstruct.NewDatadog( + stack, + jsii.String("Datadog"), + &ddcdkconstruct.DatadogProps{ + NodeLayerVersion: jsii.Number(113), + PythonLayerVersion: jsii.Number(97), + JavaLayerVersion: jsii.Number(21), + DotnetLayerVersion: jsii.Number(15), + AddLayers: jsii.Bool(true), + ExtensionLayerVersion: jsii.Number(62), + FlushMetricsToLogs: jsii.Bool(true), + Site: jsii.String("datadoghq.com"), + ApiKey: jsii.String(os.Getenv("DD_API_KEY")), + EnableDatadogTracing: jsii.Bool(true), + EnableMergeXrayTraces: jsii.Bool(true), + EnableDatadogLogs: jsii.Bool(true), + InjectLogContext: jsii.Bool(true), + LogLevel: jsii.String("debug"), + }) + datadog.AddLambdaFunctions(&[]interface{}{myFunction}, nil) + + return stack +} + +func main() { + defer jsii.Close() + + app := awscdk.NewApp(nil) + + NewAppStack(app, "AppStack", &AppStackProps{ + awscdk.StackProps{ + Env: env(), + }, + }) + + app.Synth(nil) +} + +// env determines the AWS environment (account+region) in which our stack is to +// be deployed. For more information see: https://docs.aws.amazon.com/cdk/latest/guide/environments.html +func env() *awscdk.Environment { + env := awscdk.Environment{ + Account: jsii.String("425362996713"), + Region: jsii.String("us-east-1"), + } + return &env +} diff --git a/examples/go-stack/cdk.json b/examples/go-stack/cdk.json new file mode 100644 index 00000000..5ae1f8cc --- /dev/null +++ b/examples/go-stack/cdk.json @@ -0,0 +1,68 @@ +{ + "app": "go mod download && go run app.go", + "watch": { + "include": [ + "**" + ], + "exclude": [ + "README.md", + "cdk*.json", + "go.mod", + "go.sum", + "**/*test.go" + ] + }, + "context": { + "@aws-cdk/aws-lambda:recognizeLayerVersion": true, + "@aws-cdk/core:checkSecretUsage": true, + "@aws-cdk/core:target-partitions": [ + "aws", + "aws-cn" + ], + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true, + "@aws-cdk/aws-iam:minimizePolicies": true, + "@aws-cdk/core:validateSnapshotRemovalPolicy": true, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": true, + "@aws-cdk/core:enablePartitionLiterals": true, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true, + "@aws-cdk/aws-route53-patters:useCertificate": true, + "@aws-cdk/customresources:installLatestAwsSdkDefault": false, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true, + "@aws-cdk/aws-redshift:columnId": true, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": true, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": true, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": true, + "@aws-cdk/aws-kms:aliasNameRef": true, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": true, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": true, + "@aws-cdk/aws-efs:denyAnonymousAccess": true, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": true, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": true, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": true, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": true, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": true, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": true, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": true, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": true, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": true, + "@aws-cdk/aws-eks:nodegroupNameAttribute": true, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": true, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": true, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": false, + "@aws-cdk/aws-stepfunctions-tasks:ecsReduceRunTaskPermissions": true + } +} diff --git a/examples/go-stack/go.mod b/examples/go-stack/go.mod new file mode 100644 index 00000000..5e6d729c --- /dev/null +++ b/examples/go-stack/go.mod @@ -0,0 +1,26 @@ +module app + +go 1.18 + +require ( + github.com/DataDog/datadog-cdk-constructs-go/ddcdkconstruct v1.13.0 + github.com/aws/aws-cdk-go/awscdk/v2 v2.151.0 + github.com/aws/constructs-go/constructs/v10 v10.3.0 + github.com/aws/jsii-runtime-go v1.102.0 +) + +require ( + github.com/Masterminds/semver/v3 v3.2.1 // indirect + github.com/cdklabs/awscdk-asset-awscli-go/awscliv1/v2 v2.2.202 // indirect + github.com/cdklabs/awscdk-asset-kubectl-go/kubectlv20/v2 v2.1.2 // indirect + github.com/cdklabs/awscdk-asset-node-proxy-agent-go/nodeproxyagentv6/v2 v2.0.3 // indirect + github.com/fatih/color v1.17.0 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/yuin/goldmark v1.4.13 // indirect + golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect + golang.org/x/mod v0.19.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/sys v0.22.0 // indirect + golang.org/x/tools v0.23.0 // indirect +) diff --git a/examples/go-stack/go.sum b/examples/go-stack/go.sum new file mode 100644 index 00000000..985d94ea --- /dev/null +++ b/examples/go-stack/go.sum @@ -0,0 +1,48 @@ +github.com/DataDog/datadog-cdk-constructs-go/ddcdkconstruct v1.13.0 h1:AOgs4MEGLb0gmkEdBx2HC7BrUtrpM46tyET+cJ7t80M= +github.com/DataDog/datadog-cdk-constructs-go/ddcdkconstruct v1.13.0/go.mod h1:8Z+S8e9EMZov5IaSD06SqgjIQWvgTeQbfrG2zWZLXL8= +github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= +github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= +github.com/aws/aws-cdk-go/awscdk/v2 v2.151.0 h1:VvUQxNej+CQRWJ4cNBRD74iM7h2zg2gz0bsrm+cSD+g= +github.com/aws/aws-cdk-go/awscdk/v2 v2.151.0/go.mod h1:lpJq6B2AsZbjSvlJbLmCwjKwuT7voQc3xmFjEbJOTdA= +github.com/aws/constructs-go/constructs/v10 v10.3.0 h1:LsjBIMiaDX/vqrXWhzTquBJ9pPdi02/H+z1DCwg0PEM= +github.com/aws/constructs-go/constructs/v10 v10.3.0/go.mod h1:GgzwIwoRJ2UYsr3SU+JhAl+gq5j39bEMYf8ev3J+s9s= +github.com/aws/jsii-runtime-go v1.102.0 h1:ioz2f1eLB6+bb/z0LcflDc4ize/a02DI+OzzgNkAgrg= +github.com/aws/jsii-runtime-go v1.102.0/go.mod h1:ZlLvPqSh0zXs0jw+hhoFSa9lq5kXRqInl1/raLZY964= +github.com/cdklabs/awscdk-asset-awscli-go/awscliv1/v2 v2.2.202 h1:VixXB9DnHN8oP7pXipq8GVFPjWCOdeNxIaS/ZyUwTkI= +github.com/cdklabs/awscdk-asset-awscli-go/awscliv1/v2 v2.2.202/go.mod h1:iPUti/SWjA3XAS3CpnLciFjS8TN9Y+8mdZgDfSgcyus= +github.com/cdklabs/awscdk-asset-kubectl-go/kubectlv20/v2 v2.1.2 h1:k+WD+6cERd59Mao84v0QtRrcdZuuSMfzlEmuIypKnVs= +github.com/cdklabs/awscdk-asset-kubectl-go/kubectlv20/v2 v2.1.2/go.mod h1:CvFHBo0qcg8LUkJqIxQtP1rD/sNGv9bX3L2vHT2FUAo= +github.com/cdklabs/awscdk-asset-node-proxy-agent-go/nodeproxyagentv6/v2 v2.0.3 h1:8NLWOIVaxAtpUXv5reojlAeDP7R8yswm9mDONf7F/3o= +github.com/cdklabs/awscdk-asset-node-proxy-agent-go/nodeproxyagentv6/v2 v2.0.3/go.mod h1:ZjFqfhYpCLzh4z7ChcHCrkXfqCuEiRlNApDfJd6plts= +github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4= +github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/yuin/goldmark v1.4.13 h1:fVcFKWvrslecOb/tg+Cc05dkeYx540o0FuFt3nUVDoE= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= +golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8= +golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg= +golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/examples/python-stack/README.md b/examples/python-stack/README.md index c2478631..dbd5e0ba 100644 --- a/examples/python-stack/README.md +++ b/examples/python-stack/README.md @@ -1,10 +1,10 @@ # Datadog CDK Python Example -Use this example Python stack to try out the [datadog-cdk-constructs](https://github.com/DataDog/datadog-cdk-constructs) v2 library. It contains Node, Python and Go Lambda functions. +Use this example Python stack to try out the [datadog-cdk-constructs](https://github.com/DataDog/datadog-cdk-constructs) v2 library. It contains Node, Python, and Go Lambda functions. ## Getting Started -1. Get a Datadog API key to be used to send monitoring data ([Datadog API keys documentation](https://docs.datadoghq.com/account_management/api-app-keys/#add-an-api-key-or-client-token)). +1. Get a Datadog API key to send monitoring data ([Datadog API keys documentation](https://docs.datadoghq.com/account_management/api-app-keys/#add-an-api-key-or-client-token)). 1. Run `export DD_API_KEY=` to set the Datadog API key in your shell session. 1. Run `virtualenv env` to create a virtual environment. 1. Run `source env/bin/activate` to activate the virtual environment. diff --git a/examples/typescript-stack/README.md b/examples/typescript-stack/README.md index 66230713..70c9ea63 100644 --- a/examples/typescript-stack/README.md +++ b/examples/typescript-stack/README.md @@ -1,10 +1,10 @@ # Datadog CDK TypeScript Example -Use this example TypeScript stack to try out the [datadog-cdk-constructs](https://github.com/DataDog/datadog-cdk-constructs) v2 library. It contains Node, Python and Go Lambda functions. +Use this example TypeScript stack to try out the [datadog-cdk-constructs](https://github.com/DataDog/datadog-cdk-constructs) v2 library. It contains Node, Python, and Go Lambda functions. ## Getting Started -1. Get a Datadog API key to be used to send monitoring data ([Datadog API keys documentation](https://docs.datadoghq.com/account_management/api-app-keys/#add-an-api-key-or-client-token)). +1. Get a Datadog API key to send monitoring data ([Datadog API keys documentation](https://docs.datadoghq.com/account_management/api-app-keys/#add-an-api-key-or-client-token)). 1. Run `export DD_API_KEY=` to set the Datadog API key in your shell session. 1. Run `yarn` install dependencies. 1. Update the layer versions in [lib/cdk-typescript-stack.ts](https://github.com/DataDog/datadog-cdk-constructs/blob/d2f1f60b7e0594ae77dd76a7f5964bee651e8022/examples/typescript-stack/lib/cdk-typescript-stack.ts#L66-L68) with the latest releases: