terraform - AWS - 为项目设置全球预算？

问题描述

我正在开发一个 Terraform 项目，为我公司的每位新员工创建、更新或删除 AWS 沙箱。但是，我们希望每个沙盒都有一个固定预算，并且如果可能的话，不能超过该预算。我阅读了 AWS 预算操作，但我不确定将它与我当前的代码集成的最佳方式是什么。

主文件

## this is creating a new project and I would like to set a budget of $50 for this account

resource "aws_organizations_account" "account" {
  name      = "sandbox"
  email     = "new-user+sandbox@company.com"
  role_name = "myOrganizationRole"
}

标签： terraform

您需要在新账户中创建aws_budgets_budget和aws_budgets_budget_action资源。要在新帐户中创建资源，您需要通过承担创建的管理角色为该帐户创建提供程序：

provider "aws" {
  alias   = "sandbox"
  region  = "us-east-1"
  ...
  // Specify your credentials source, same as you use for the provider you used for the aws_organizations_account resource
  ...
  assume_role {
    role_arn = "arn:aws:iam::${aws_organizations_account.account.id}:role/${aws_organizations_account.account.role_name}"
  }
}

现在您可以使用该提供程序在新沙盒帐户中创建预算资源（注意provider输入参数）：

resource "aws_budgets_budget" "example" {
  provider          = aws.sandbox
  name              = "example"
  budget_type       = "USAGE"
  limit_amount      = "10.0"
  limit_unit        = "dollars"
  time_period_start = "2006-01-02_15:04"
  time_unit         = "MONTHLY"
}

resource "aws_budgets_budget_action" "example" {
  provider           = aws.sandbox
  budget_name        = aws_budgets_budget.example.name
  ...
}

terraform - AWS - 为项目设置全球预算？

问题描述

解决方案

推荐阅读