Skip to main content

Setup AWS Managed Grafana

Grafana is built around the Amazon managed services for Grafana and Prometheus.

NOTE:

At this time, we have implemented only the EKS integrations with AWS Managed Grafana. We are open to adding ECS support. These instructions include the steps for integrated EKS with AWS Managed Grafana.

0 Vendor Components

Vendor all required components

atmos workflow vendor -f grafana

0 Deploy Grafana

Please see How to Setup Grafana for in depth documentation.

However, if you can find the summary of steps in Atmos Workflows here. You can choose to run these workflows one-by-one, or run them altogether with the following:

atmos workflow deploy -f grafana

0 Deploy all data sources

Deploy Prometheus and Loki to plat-dev, plat-staging, and plat-prod. Run the following Atmos Workflow:

atmos workflow deploy/data-sources -f grafana -s plat-use1-dev
atmos workflow deploy/data-sources -f grafana -s plat-use1-staging
atmos workflow deploy/data-sources -f grafana -s plat-use1-prod

0 Grant the Prometheus Scraper Access to EKS

After deploying the eks/prometheus-scraper component, you will need to reapply the eks/cluster component with an update to var.map_additional_iam_roles.

atmos terraform output eks/prometheus-scraper -s plat-use1-dev
atmos terraform output eks/prometheus-scraper -s plat-use1-staging
atmos terraform output eks/prometheus-scraper -s plat-use1-prod

Note the scraper_role_arn and clusterrole_username outputs and set them to rolearn and username respectively with the map_additional_iam_roles input for eks/cluster.

# stacks/orgs/acme/plat/STAGE/us-east-1/eks.yaml
components:
terraform:
eks/cluster:
vars:
map_additional_iam_roles:
# this role is used to grant the Prometheus scraper access to this cluster. See eks/prometheus-scraper
- rolearn: "arn:aws:iam::111111111111:role/AWSServiceRoleForAmazonPrometheusScraper_111111111111111"
username: "acme-plat-ue2-sandbox-prometheus-scraper"
groups: []

0 Reapply EKS Cluster

Then reapply eks/cluster:

atmos terraform apply eks/cluster -s plat-use1-dev
atmos terraform apply eks/cluster -s plat-use1-staging
atmos terraform apply eks/cluster -s plat-use1-prod

0 Deploy Grafana

Deploy the Amazon Managed Grafana workspace, API key, data-source integrations, and finally dashboards:

atmos workflow deploy/grafana -s core-use1-auto -f grafana

0 Accessing Grafana

Custom URLs

We would prefer to have a custom URL for the provisioned Grafana workspace, but at the moment it's not supported natively and implementation would be non-trivial. We will continue to monitor that Issue and consider alternatives, such as using Cloudfront.

Issue #6: Support for Custom Domains

You can access Grafana from the Grafana workspace endpoint that is output by the grafana component:

atmos terraform output grafana -s core-use1-auto

Or you can open your AWS Single-Sign-On page, navigate to the "Applications" tab, and then select "Amazon Grafana".

https://d-1111aa1a11.awsapps.com/start/