Skip to content
This repository was archived by the owner on Feb 4, 2026. It is now read-only.

aws-samples/centralize-rds-recommendations-across-accounts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
asset
asset
 
 
template
template
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

title centralize amazon rds recommendations
author hai tran
date 16/10/2024

Architecture

arch

This respository provide a sample code to deploy a solution for collecting and centralizing Amazon RDS recommendations from service owner accounts within an organization. The deployment leverages CloudFormation stack set.

  1. The Lambda function in the monitoring account assume role in a service owner account.

  2. The Lambda function call Amazon RDS DescribeDBRecommendations.

  3. The Lambda function send recommendations in json format to a S3 bucket.

Deploy

We use the CloudFormation stack set to deploy an IAM role with trusted policy into multiple accounts (service owner account) within an organization unit. Then the Lambda function in the monitoring account will assume this role to get Amazon RDS recommendations from each service owner account. Let following the below steps to deploy the solution:

Step 1. Let clone this repository.

git clone https://github.com/aws-samples/centralize-rds-recommendations-across-accounts.git
cd centralize-rds-recommendations-across-accounts/template/

Step 2. Deploy a Lambda function in monitoring account.

aws cloudformation create-stack \
 --stack-name cf-lambda-for-centralize-rds-recommendations \
 --template-body file://cf-lambda.yaml \
 --parameters '{"TargetAccountIds":"<TARGET_ACOCUNT_ID_1>,<TARGET_ACCOUNT_ID_2>"}'
 --capabilities CAPABILITY_NAMED_IAM

Step 3. Create a CloudFormation stack-set in management account.

aws cloudformation create-stack-set \
 --stack-set-name cf-iam-role-for-centralize-rds-recommendations \
 --permission-model SERVICE_MANAGED \
 --auto-deployment '{"Enabled":true,"RetainStacksOnAccountRemoval":false}' \
 --template-body file://cf-iam-role.yaml \
 --parameters '{"ParameterKey": "ServiceRoleArn", "ParameterValue": "arn:aws:iam::<MONITOR_ACCOUNT_ID>:role/LambdaGetRDSRecommendationsRole"}' \
 --capabilities CAPABILITY_NAMED_IAM

Step 4. Create stack instances targeting accounts within an organization unit.

aws cloudformation create-stack-instances \
 --stack-set-name cf-iam-role-for-centralize-rds-recommendations \
 --deployment-targets '{"OrganizationalUnitIds":["<OU_ID>"]}' \
 --regions ap-southeast-1 \
 --operation-preferences FailureToleranceCount=0,MaxConcurrentCount=1

About

This repository provides sample CloudFormation templates and a Lambda function to centralize Amazon RDS recommendations across accounts in an organization for the DBA team of enterprise organizations.

Topics

amazon-rds amazon-rds-recommendationas

Resources

Readme

License

MIT-0 license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Generated from amazon-archives/__template_MIT-0