{"id":26268025,"url":"https://github.com/oslabs-beta/cloudband","last_synced_at":"2025-04-30T19:25:00.460Z","repository":{"id":65374535,"uuid":"581668075","full_name":"oslabs-beta/cloudband","owner":"oslabs-beta","description":"An open source AWS Metrics Visualizer","archived":false,"fork":false,"pushed_at":"2023-02-10T02:05:15.000Z","size":3135,"stargazers_count":50,"open_issues_count":0,"forks_count":4,"subscribers_count":2,"default_branch":"dev","last_synced_at":"2025-04-08T10:53:16.420Z","etag":null,"topics":["aws","aws-ec2","aws-lambda","cloudband","nodejs","react"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/oslabs-beta.png","metadata":{"files":{"readme":"README-DeveloperGuide.md","changelog":null,"contributing":null,"funding":null,"license":"license","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-12-23T22:23:22.000Z","updated_at":"2025-01-16T21:09:59.000Z","dependencies_parsed_at":"2023-02-14T19:31:03.517Z","dependency_job_id":null,"html_url":"https://github.com/oslabs-beta/cloudband","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oslabs-beta%2Fcloudband","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oslabs-beta%2Fcloudband/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oslabs-beta%2Fcloudband/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oslabs-beta%2Fcloudband/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/oslabs-beta","download_url":"https://codeload.github.com/oslabs-beta/cloudband/tar.gz/refs/heads/dev","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251767928,"owners_count":21640629,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-ec2","aws-lambda","cloudband","nodejs","react"],"created_at":"2025-03-14T04:19:09.690Z","updated_at":"2025-04-30T19:25:00.436Z","avatar_url":"https://github.com/oslabs-beta.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!--\n*** This ReadMe used the template from https://github.com/othneildrew/Best-README-Template as an inspiration\n--\u003e\n\n\u003ca name='readme-top'\u003e\u003c/a\u003e\n\n\u003cdiv align='center'\u003e\n\u003cimg src=\"https://cloudband.s3.amazonaws.com/tk0885_geometric_minimal_cloud_Logo_line_simple_4cc0c0da-cbd9-4d57-b6c8-d892979e2c27.png\" height =\"300px\" width=\"300px\" align=\"center\"\u003e\n \u003c/a\u003e\n\u003ch1\u003eCloudband - Developer's Guide\u003c/h1\u003e\n\n\u003c/div\u003e\n\n\u003cdetails open=\"open\"\u003e\n \u003csummary\u003eTable of Contents\u003c/summary\u003e\n \u003col\u003e\n \u003cli\u003e\u003ca href=\"#aws-account-creation\"\u003eAWS Account Creation\u003c/a\u003e\u003c/li\u003e \n \u003cli\u003e\u003ca href=\"#iam-setup\"\u003eIAM Setup\u003c/a\u003e\u003c/li\u003e \n \u003cli\u003e\u003ca href=\"#streamlining-the-user-sign-up-experience\"\u003eStreamlining the User Sign-Up Experience\u003c/a\u003e\u003c/li\u003e\n \u003cli\u003e\u003ca href=\"#template-creation-and-storage\"\u003eTemplate Creation and Storage\u003c/a\u003e\u003c/li\u003e \n \u003cli\u003e\u003ca href=\"#template-storage-in-an-s3-bucket\"\u003eTemplate Storage in an S3 Bucket\u003c/a\u003e\u003c/li\u003e\n \u003cli\u003e\u003ca href=\"#stack-creation-link\"\u003eStack Creation Link\u003c/a\u003e\u003c/li\u003e\n \u003cli\u003e\u003ca href=\"#finish-setup\"\u003eFinish Setup\u003c/a\u003e\u003c/li\u003e \n \u003c/ol\u003e\n\u003c/details\u003e\n\n\n## AWS Account Creation\n\u003cp\u003eAn active AWS account is required in order to make full use of Cloudband’s features. It is highly suggested to make a new AWS account specifically for Cloudband if your use case is anything more than demoing the application.\u003c/p\u003e\n\n## IAM Setup\n\n\u003cp\u003eIn order for the Cloudband application to pull a user’s metrics, we will need to create an IAM user to programmatically access that user’s AWS.\u003c/p\u003e\n\n\u003cp\u003eOn your AWS account, do the following:\u003c/p\u003e\n\n\u003cp\u003e1. Create an IAM user called cloudband-user with programmatic access (no need for this user to be able to sign in to the AWS console)\u003c/p\u003e\n\n\u003cp\u003e2. Attach the following policies directly to cloudband-user:\u003c/p\u003e\n\n\u003cul\u003e\n \u003cli\u003eAdministratorAccess\u003c/li\u003e\n \u003cli\u003eAmazonEC2FullAccess\u003c/li\u003e\n \u003cli\u003eAmazonS3FullAccessAWS\u003c/li\u003e\n \u003cli\u003eAWSLambda_FullAccess\u003c/li\u003e\n \u003cli\u003eAWSLambdaRole\u003c/li\u003e\n \u003cli\u003eAWSSecurityHubFullAccess\u003c/li\u003e\n \u003cli\u003eCloudWatchFullAccess\u003c/li\u003e\n \u003cli\u003eCloudWatchLogsFullAccess\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003e3. Create an access key for cloudband-user. Keep the access key and secret access key in your records - this will be used in the .env file in the Cloudband application.\u003c/p\u003e\n\n\u003cp align=\"right\"\u003e(\u003ca href=\"#readme-top\"\u003eback to top\u003c/a\u003e)\u003c/p\u003e\n\n\n## Streamlining the User Sign-Up Experience\n\u003cp\u003eIf a user wants to allow cloudband-user to pull metrics from their account, they must create a role on their account. This role will specify that cloudband-user can access their account as well as specifying exactly what cloudband-user can do once they have gained access. An AWS Service called CloudFormation will be used to automate the creation of this role on a user’s account and streamline the user sign-up experience.\u003c/p\u003e\n\n\n## Template Creation and Storage\n\u003cp\u003eIn order to allow the use of CloudFormation to automate the creation of a role, we must first provide the instruction of what that role can do. This comes in the form of a template. Create a yaml file (extension is .yml) with the following content (\u003cb\u003ereplacing the Principal / AWS ARN with the cloudband-user’s ARN \u0026 replacing the sts:External Id with the external ID that you generate via https://www.uuidgenerator.net/)\u003c/b\u003e:\u003c/p\u003e\n\n\u003cdetails\u003e\n \n```\nDescription: 'CloudFormation stack'\nResources:\n CloudbandDelegationRole:\n Type: 'AWS::IAM::Role'\n Properties:\n AssumeRolePolicyDocument:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Principal:\n AWS:\n - arn:aws:iam::635533801215:user/cloudband-user\n Action:\n - 'sts:AssumeRole'\n Condition:\n StringEquals:\n 'sts:ExternalId': 92a98196-9090-11ed-a1eb-0242ac120002\n Path: /\n RoleName: CloudbandDelegationRole\n Policies:\n - PolicyName: Resources\n PolicyDocument:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action: 'apigateway:GET'\n Resource: '*'\n - Effect: Allow\n Action: 'apigateway:HEAD'\n Resource: '*'\n - Effect: Allow\n Action: 'apigateway:OPTIONS'\n Resource: '*'\n - Effect: Allow\n Action: 'appsync:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'appsync:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'athena:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'athena:batchGet*'\n Resource: '*'\n - Effect: Allow\n Action: 'athena:getNamedQuery'\n Resource: '*'\n - Effect: Allow\n Action: 'athena:getQueryExecution'\n Resource: '*'\n - Effect: Allow\n Action: 'athena:getQueryExecution'\n Resource: '*'\n - Effect: Allow\n Action: 'autoscaling:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'batch:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'cloudformation:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'cloudformation:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'cloudformation:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'cloudfront:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'cloudfront:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'cloudwatch:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'cloudwatch:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'dax:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'dax:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'discovery:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'discovery:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'dynamodb:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'dynamodb:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'ec2:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'ecs:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'ecs:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'ecr:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'ecr:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'ecr:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'eks:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'eks:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'elasticache:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'elasticache:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'elasticloadbalancing:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'es:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'es:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'events:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'events:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'firehose:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'firehose:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'glacier:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'glacier:getDataRetrievalPolicy'\n Resource: '*'\n - Effect: Allow\n Action: 'glacier:getVaultAccessPolicy'\n Resource: '*'\n - Effect: Allow\n Action: 'glacier:getVaultLock'\n Resource: '*'\n - Effect: Allow\n Action: 'glacier:getVaultNotifications'\n Resource: '*'\n - Effect: Allow\n Action: 'glacier:listTagsForVault'\n Resource: '*'\n - Effect: Allow\n Action: 'glacier:listVaults'\n Resource: '*'\n - Effect: Allow\n Action: 'iot:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'iot:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'iot:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'kinesis:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'kinesis:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'kinesisanalytics:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'kinesisanalytics:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'lambda:listFunctions'\n Resource: '*'\n - Effect: Allow\n Action: 'lambda:listTags'\n Resource: '*'\n - Effect: Allow\n Action: 'rds:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'rds:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'route53:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'route53:get*'\n Resource: '*'\n - Effect: Allow\n Action: 's3:getBucket*'\n Resource: '*'\n - Effect: Allow\n Action: 's3:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'sdb:domainMetadata'\n Resource: '*'\n - Effect: Allow\n Action: 'sdb:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'sdb:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'sns:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'sns:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'sqs:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'sqs:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'states:describe*'\n Resource: '*'\n - Effect: Allow\n Action: 'states:get*'\n Resource: '*'\n - Effect: Allow\n Action: 'states:list*'\n Resource: '*'\n - Effect: Allow\n Action: 'tag:get*'\n Resource: '*'\n - PolicyName: Logs\n PolicyDocument:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action: 'logs:deleteSubscriptionFilter'\n Resource: '*'\n - Effect: Allow\n Action: 'logs:describeLogStreams'\n Resource: '*'\n - Effect: Allow\n Action: 'logs:describeSubscriptionFilters'\n Resource: '*'\n - Effect: Allow\n Action: 'logs:filterLogEvents'\n Resource: '*'\n - Effect: Allow\n Action: 'logs:putSubscriptionFilter'\n Resource: '*'\n - Effect: Allow\n Action: 'logs:startQuery'\n Resource: '*'\n - Effect: Allow\n Action: 'logs:stopQuery'\n Resource: '*'\n - PolicyName: Metrics\n PolicyDocument:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action: 'cloudwatch:get*'\n Resource: '*'\n - PolicyName: Traces\n PolicyDocument:\n Version: 2012-10-17\n Statement:\n - Effect: Allow\n Action: 'xray:batch*'\n Resource: '*'\n - Effect: Allow\n Action: 'xray:get*'\n Resource: '*'\n\nParameters:\n ExternalId:\n Description: 'The external ID for the Cloudband delegation role'\n Type: String\n\nOutputs:\n Version:\n Description: Cloudband CF template version\n Value: 2020-02-06\n CloudbandDelegationRoleArn:\n Description: 'The ARN for the Cloudband delegation role'\n Value: !GetAtt\n - CloudbandDelegationRole\n - Arn\n```\n \n\u003c/details\u003e\n\n\n## Template Storage in an S3 Bucket\n\n\u003cp\u003eThe template must be stored on our AWS account. The simplest way to do this is to create an S3 bucket and upload the template yaml file with the following steps:\u003c/p\u003e\n\n\u003col\u003e\n \u003cli\u003eNavigate to the AWS Service called S3.\u003c/li\u003e\n \u003cli\u003eSelect Create Bucket.\u003c/li\u003e\n \u003cli\u003eName the bucket \"cloudband\".\u003c/li\u003e\n \u003cli\u003eUnselect \"Block all public access\".\u003c/li\u003e\n \u003cli\u003eCreate bucket.\u003c/li\u003e\n \u003cli\u003eAdd to bucket policy the text below step 8.\u003c/li\u003e \n \u003cli\u003eClick upload and upload your created yaml file template.\u003c/li\u003e\n \u003cli\u003eIn the list of objects in your S3 bucket, check off the Cloudband Template and click Copy URL.\u003c/li\u003e\n \u003c/ol\u003e\n \n```\n\n{\n \"Version\": \"2008-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"AllowPublicRead\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"*\"\n },\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::cloudband/*\"\n }\n ]\n}\n\n```\n\n\n## Stack Creation Link:\n\n\u003cp\u003eUse the following link to allow your user to automatically create a stack. This link can be attached to the “Create New Stack” button found in the codebase (in InputToken.jsx - line 42). Add in your template URL, region, and external id into the link to ensure the stack is properly configured.\u003c/p\u003e\n\n```\n\nhttps://console.aws.amazon.com/cloudformation/home?region=\u003cYOUR-REGION\u003e#/stacks/quickcreate?stackName=cloudband-permission\u0026param_ExternalId=\u003cYOUR-EXTERNALID\u003e\u0026templateURL=\u003cYOUR-TEMPLATE-S3-URL\u003e\n\n```\n\n\n## Finish Setup:\n\nContinue following the main [README](https://github.com/oslabs-beta/cloudband/blob/dev/README.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foslabs-beta%2Fcloudband","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Foslabs-beta%2Fcloudband","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foslabs-beta%2Fcloudband/lists"}