feat: add tracking

This implements usage tracking of protocol and action in Azure Monitor. The feature is optional, must be configured to be enabled.
bifravst · Aug 5, 2024 · da1a4f3 · da1a4f3
1 parent a96c4af
commit da1a4f3
Show file tree

Hide file tree

Showing 5 changed files with 228 additions and 673 deletions.
diff --git a/README.md b/README.md
@@ -24,6 +24,18 @@ Install the dependencies:
 npm ci
 ```
 
+### Configure Metrics (optional)
+
+Configure the metrics for Azure Monitor logs ingestion (used for usage metrics
+tracking):
+
+```bash
+aws ssm put-parameter --name /${STACK_NAME:-rest-echo}/metrics/endpoint --type String --value "<endpoint>"
+aws ssm put-parameter --name /${STACK_NAME:-rest-echo}/metrics/dcrId --type String --value "<dcrId>"
+aws ssm put-parameter --name /${STACK_NAME:-rest-echo}/metrics/streamName --type String --value "<streamName>"
+aws ssm put-parameter --name /${STACK_NAME:-rest-echo}/metrics/secret --type SecureString --value "<secret>"
+```
+
 ### Deploy
 
 ```bash

diff --git a/cdk/resources/RESTAPI.ts b/cdk/resources/RESTAPI.ts
@@ -3,6 +3,8 @@ import {
 	aws_dynamodb as DynamoDB,
 	aws_lambda as Lambda,
 	RemovalPolicy,
+	Stack,
+	aws_iam as IAM,
 } from 'aws-cdk-lib'
 import { RetentionDays } from 'aws-cdk-lib/aws-logs'
 import { Construct } from 'constructs'
@@ -37,8 +39,17 @@ export class RESTAPI extends Construct {
 			environment: {
 				TABLE_NAME: storage.tableName,
 				NODE_NO_WARNINGS: '1',
+				STACK_NAME: Stack.of(this).stackName,
 			},
 			logRetention: RetentionDays.ONE_DAY,
+			initialPolicy: [
+				new IAM.PolicyStatement({
+					actions: ['ssm:GetParametersByPath'],
+					resources: [
+						`arn:aws:ssm:${Stack.of(this).region}:${Stack.of(this).account}:parameter/${Stack.of(this).stackName}/*`,
+					],
+				}),
+			],
 		})
 		storage.grantReadWriteData(lambda)
 		this.lambdaURL = lambda.addFunctionUrl({

diff --git a/lambda/api.js b/lambda/api.js
@@ -8,6 +8,7 @@ const {
 } = require('@aws-sdk/client-dynamodb')
 const { unmarshall } = require('@aws-sdk/util-dynamodb')
 const { randomUUID } = require('node:crypto')
+const { GetParametersByPathCommand, SSMClient } = require('@aws-sdk/client-ssm')
 
 const db = new DynamoDBClient({})
 const TableName = process.env.TABLE_NAME
@@ -16,9 +17,99 @@ const cacheHeaders = {
 	'Cache-control': 'no-cache, no-store',
 }
 
+/**
+ * The endpoint URI uses the following format, where the Data Collection
+ * Endpoint and DCR Immutable ID identify the DCE and DCR.
+ * The immutable ID is generated for the DCR when it's created.
+ * You can retrieve it from the JSON view of the DCR in the Azure portal.
+ * Stream Name refers to the stream in the DCR that should handle the custom
+ * data.
+ *
+ * @see https://learn.microsoft.com/en-us/azure/azure-monitor/logs/logs-ingestion-api-overview#rest-api-call
+ */
+const tracker = ({ endpoint, dcrId, streamName, secret, debug }) => {
+	const url = new URL(
+		`${endpoint.toString().replaceAll(/\/$/g, '')}/dataCollectionRules/${dcrId}/streams/${streamName}?api-version=2023-01-01`,
+	)
+
+	debug?.('Tracking to', url.toString())
+
+	return async (
+		/**
+		 * `https` or `http`
+		 */
+		protocol,
+		/**
+		 * The REST method, e.g. `GET`, `POST`, `PUT`, or `DELETE`
+		 */
+		method,
+	) => {
+		const ts = new Date()
+		debug?.(
+			JSON.stringify([
+				{
+					TimeGenerated: ts.toISOString(),
+					Protocol: `REST:${protocol}`,
+					Action: method,
+				},
+			]),
+		)
+		await fetch(url, {
+			method: 'POST',
+			headers: {
+				'Content-Type': 'application/json',
+				Authorization: `Bearer ${secret}`,
+			},
+			body: JSON.stringify([
+				{
+					TimeGenerated: ts.toISOString(),
+					Protocol: `REST:${protocol}`,
+					Action: method,
+				},
+			]),
+		})
+	}
+}
+
+const settingsPromise = (async () => {
+	const ssm = new SSMClient({})
+	const Path = `/${process.env.STACK_NAME ?? 'rest-echo'}/metrics/`
+	const { Parameters } = await ssm.send(
+		new GetParametersByPathCommand({
+			Path,
+			WithDecryption: true,
+		}),
+	)
+	return (Parameters ?? []).reduce(
+		(acc, { Name, Value }) => ({ ...acc, [Name.replace(Path, '')]: Value }),
+		{},
+	)
+})()
+
 module.exports = {
 	handler: async (event) => {
 		console.log(JSON.stringify({ event }))
+
+		// Metrics tracking
+		let track
+		const { endpoint, dcrId, streamName, secret } = await settingsPromise
+		if (
+			endpoint !== undefined &&
+			dcrId !== undefined &&
+			streamName !== undefined &&
+			secret !== undefined
+		) {
+			track = tracker({
+				endpoint,
+				dcrId,
+				streamName,
+				secret,
+				debug: (...args) => console.debug('[Metrics]', ...args),
+			})
+		} else {
+			console.debug(`[Metrics]`, 'disabled')
+		}
+
 		const method = event.requestContext.http.method
 		const path = event.requestContext.http.path
 		const keySegment = path.split('/')[1]
@@ -32,6 +123,7 @@ module.exports = {
 		}
 
 		console.log(JSON.stringify({ method, key }))
+		await track?.(event.headers['x-forwarded-proto'], method)
 
 		if (method === 'POST' && key === 'new') {
 			return {