From d1e102fc8e5f675318afebe2d884309c8005f22f Mon Sep 17 00:00:00 2001 From: Tom McLaughlin Date: Fri, 19 Sep 2025 12:56:00 -0400 Subject: [PATCH 1/2] Update to new Datadog CFN template --- cfn-parameters.json | 3 ++- stacksets-shipping-template.yaml | 25 ++++++++++++--------- stacksets/datadog-integration/stackset.yaml | 4 +++- template.yaml | 20 +++++++++-------- 4 files changed, 30 insertions(+), 22 deletions(-) diff --git a/cfn-parameters.json b/cfn-parameters.json index f33898c..212ff46 100644 --- a/cfn-parameters.json +++ b/cfn-parameters.json @@ -8,5 +8,6 @@ "DatadogApiKey": $secrets.DATADOG_API_KEY, "DatadogAppKey": $secrets.DATADOG_APP_KEY, "DataDogLogsDestinationArn": $secrets.DATADOG_LOGS_DESTINATION_ARN, - "DatadogSite": "us5.datadoghq.com" + "DatadogSite": "us5.datadoghq.com", + "DatadogTemplateUrl": $vars.DATADOG_TEMPLATE_URL } \ No newline at end of file diff --git a/stacksets-shipping-template.yaml b/stacksets-shipping-template.yaml index 051b299..198ba66 100644 --- a/stacksets-shipping-template.yaml +++ b/stacksets-shipping-template.yaml @@ -13,6 +13,8 @@ Parameters: Type: String ObservabilityOu: Type: String + DatadogTemplateUrl: + Type: String DatadogSite: Type: String DatadogApiKey: @@ -28,17 +30,18 @@ Parameters: Type: String Resources: -# DatadogIntegrationStackSet: -# Type: AWS::Serverless::Application -# Properties: -# Location: "./stacksets/datadog-integration/stackset.yaml" -# Parameters: -# DeploymentOrgId: !Ref AwsOrgRootId -# TargetRegions: !Ref TargetRegions -# DatadogApiKey: !Ref DatadogApiKey -# DatadogAppKey: !Ref DatadogAppKey -# DatadogSite: !Ref DatadogSite -# DisableMetricCollection: 'false' + DatadogIntegrationStackSet: + Type: AWS::Serverless::Application + Properties: + Location: "./stacksets/datadog-integration/stackset.yaml" + Parameters: + DeploymentOrgId: !Ref AwsOrgRootId + TargetRegions: !Ref TargetRegions + DatadogTemplateUrl: !Ref DatadogTemplateUrl + DatadogApiKey: !Ref DatadogApiKey + DatadogAppKey: !Ref DatadogAppKey + DatadogSite: !Ref DatadogSite + DisableMetricCollection: 'false' LogShippingStackSet: Type: AWS::Serverless::Application diff --git a/stacksets/datadog-integration/stackset.yaml b/stacksets/datadog-integration/stackset.yaml index 940091f..391923d 100644 --- a/stacksets/datadog-integration/stackset.yaml +++ b/stacksets/datadog-integration/stackset.yaml @@ -7,6 +7,8 @@ Parameters: Type: CommaDelimitedList TargetRegions: Type: CommaDelimitedList + DatadogTemplateUrl: + Type: String DatadogSite: Type: String DatadogApiKey: @@ -51,4 +53,4 @@ Resources: FailureToleranceCount: 1 MaxConcurrentCount: 5 PermissionModel: SERVICE_MANAGED - TemplateURL: https://datadog-cloudformation-template.s3.amazonaws.com/aws/main_organizations.yaml + TemplateURL: !Ref DatadogTemplateUrl diff --git a/template.yaml b/template.yaml index c93ca12..e6c139e 100644 --- a/template.yaml +++ b/template.yaml @@ -11,6 +11,8 @@ Parameters: Type: String ObservabilityOu: Type: String + DatadogTemplateUrl: + Type: String DatadogSite: Type: String DatadogApiKey: @@ -26,15 +28,15 @@ Parameters: Type: String Resources: -# DatadogIntegrationStack: -# Type: AWS::Serverless::Application -# Properties: -# Location: "https://datadog-cloudformation-template.s3.amazonaws.com/aws/main_organizations.yaml" -# Parameters: -# DatadogApiKey: !Ref DatadogApiKey -# DatadogAppKey: !Ref DatadogAppKey -# DatadogSite: !Ref DatadogSite -# DisableMetricCollection: 'false' + DatadogIntegrationStack: + Type: AWS::Serverless::Application + Properties: + Location: !Ref DatadogTemplateUrl + Parameters: + DatadogApiKey: !Ref DatadogApiKey + DatadogAppKey: !Ref DatadogAppKey + DatadogSite: !Ref DatadogSite + DisableMetricCollection: 'false' LogShippingStack: Type: AWS::Serverless::Application From 3bb816f5d60e4461f257655526b7d50bff5f3fdf Mon Sep 17 00:00:00 2001 From: Tom McLaughlin Date: Fri, 19 Sep 2025 14:20:27 -0400 Subject: [PATCH 2/2] Fix build failure Due to a limitation in AWS SAM's `package` command in `template.yaml` the `DatadogIntegrationStack` `Location` parameter must be kept in sync manually with the `DatadogTemplateUrl` value. --- README.md | 4 ++++ template.yaml | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e80047b..51249e6 100644 --- a/README.md +++ b/README.md @@ -35,3 +35,7 @@ This solution deploys a set of AWS resources across your AWS Organization to ena - **`stacksets/metrics/stackset.yaml`**, **`stacksets/metrics/oam-link-template.yaml`**, and **`stacksets/metrics/cw-cross-account-sharing-template.yaml`**: Deploy OAM Links and cross-account sharing roles to enable metric sharing from member accounts to the central account. - **`stacksets/datadog-shipping/stackset.yaml`** and related templates: Deploy resources in the central account to receive logs/metrics and forward them to Datadog. - **Root-level templates** (e.g., `template.yaml`, `stacksets-shipping-template.yaml`): Compose and orchestrate the deployment of the above stacksets and templates for a full organization-wide rollout. + +## Datadog template Updates + +Due to a limitation in AWS SAM's `package` command in `template.yaml` the `DatadogIntegrationStack` `Location` parameter must be kept in sync manually with the `DatadogTemplateUrl` value. \ No newline at end of file diff --git a/template.yaml b/template.yaml index e6c139e..eb66758 100644 --- a/template.yaml +++ b/template.yaml @@ -11,6 +11,8 @@ Parameters: Type: String ObservabilityOu: Type: String + # WARNING: due to a limitation of AWS SAM's `package` command the DatadogIntegrationStack + # Location parameter must be kept in sync manually. DatadogTemplateUrl: Type: String DatadogSite: @@ -31,7 +33,7 @@ Resources: DatadogIntegrationStack: Type: AWS::Serverless::Application Properties: - Location: !Ref DatadogTemplateUrl + Location: "https://datadog-cloudformation-template-quickstart.s3.amazonaws.com/aws/v4.1.3/main_orgnizations.yaml" Parameters: DatadogApiKey: !Ref DatadogApiKey DatadogAppKey: !Ref DatadogAppKey