cdk-cost-analyzer 0.1.1

package/examples/monorepo/packages/data-infra/lib/data-stack.ts

@@ -0,0 +1,121 @@
+import * as cdk from 'aws-cdk-lib';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as rds from 'aws-cdk-lib/aws-rds';
+import * as elasticache from 'aws-cdk-lib/aws-elasticache';
+import * as s3 from 'aws-cdk-lib/aws-s3';
+import { Construct } from 'constructs';
+
+/**
+ * Data infrastructure stack
+ * 
+ * Creates RDS database, ElastiCache cluster, and S3 bucket for data storage
+ */
+export class DataStack extends cdk.Stack {
+  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
+    super(scope, id, props);
+
+    // VPC for data resources
+    const vpc = new ec2.Vpc(this, 'DataVpc', {
+      vpcName: 'data-vpc',
+      maxAzs: 2,
+      natGateways: 1,
+    });
+
+    // Security group for database
+    const dbSecurityGroup = new ec2.SecurityGroup(this, 'DbSecurityGroup', {
+      vpc,
+      description: 'Security group for RDS database',
+      allowAllOutbound: false,
+    });
+
+    // RDS PostgreSQL Database
+    const database = new rds.DatabaseInstance(this, 'Database', {
+      engine: rds.DatabaseInstanceEngine.postgres({
+        version: rds.PostgresEngineVersion.VER_15_3,
+      }),
+      instanceType: ec2.InstanceType.of(
+        ec2.InstanceClass.T3,
+        ec2.InstanceSize.MEDIUM
+      ),
+      vpc,
+      vpcSubnets: {
+        subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS,
+      },
+      securityGroups: [dbSecurityGroup],
+      allocatedStorage: 100,
+      storageType: rds.StorageType.GP3,
+      multiAz: false,
+      databaseName: 'datadb',
+      backupRetention: cdk.Duration.days(7),
+      deleteAutomatedBackups: true,
+      removalPolicy: cdk.RemovalPolicy.DESTROY,
+      deletionProtection: false,
+    });
+
+    // Security group for cache
+    const cacheSecurityGroup = new ec2.SecurityGroup(this, 'CacheSecurityGroup', {
+      vpc,
+      description: 'Security group for ElastiCache',
+      allowAllOutbound: false,
+    });
+
+    // ElastiCache subnet group
+    const cacheSubnetGroup = new elasticache.CfnSubnetGroup(this, 'CacheSubnetGroup', {
+      description: 'Subnet group for ElastiCache',
+      subnetIds: vpc.selectSubnets({
+        subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS,
+      }).subnetIds,
+    });
+
+    // ElastiCache Redis Cluster
+    const cacheCluster = new elasticache.CfnCacheCluster(this, 'CacheCluster', {
+      cacheNodeType: 'cache.t3.micro',
+      engine: 'redis',
+      numCacheNodes: 2,
+      vpcSecurityGroupIds: [cacheSecurityGroup.securityGroupId],
+      cacheSubnetGroupName: cacheSubnetGroup.ref,
+      engineVersion: '7.0',
+    });
+
+    // S3 bucket for data storage
+    const dataBucket = new s3.Bucket(this, 'DataBucket', {
+      bucketName: `${cdk.Stack.of(this).account}-data-storage-${cdk.Stack.of(this).region}`,
+      versioned: true,
+      encryption: s3.BucketEncryption.S3_MANAGED,
+      blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
+      removalPolicy: cdk.RemovalPolicy.DESTROY,
+      autoDeleteObjects: true,
+      lifecycleRules: [
+        {
+          id: 'DeleteOldVersions',
+          noncurrentVersionExpiration: cdk.Duration.days(90),
+        },
+        {
+          id: 'TransitionToGlacier',
+          transitions: [
+            {
+              storageClass: s3.StorageClass.GLACIER,
+              transitionAfter: cdk.Duration.days(90),
+            },
+          ],
+        },
+      ],
+    });
+
+    // Stack outputs
+    new cdk.CfnOutput(this, 'DatabaseEndpoint', {
+      value: database.dbInstanceEndpointAddress,
+      description: 'RDS database endpoint',
+    });
+
+    new cdk.CfnOutput(this, 'CacheEndpoint', {
+      value: cacheCluster.attrRedisEndpointAddress,
+      description: 'ElastiCache Redis endpoint',
+    });
+
+    new cdk.CfnOutput(this, 'DataBucketName', {
+      value: dataBucket.bucketName,
+      description: 'S3 data bucket name',
+    });
+  }
+}

package/examples/monorepo/packages/data-infra/package.json

@@ -0,0 +1,30 @@
+{
+  "name": "data-infra",
+  "version": "1.0.0",
+  "description": "Data infrastructure CDK application",
+  "bin": {
+    "data-infra": "bin/app.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "watch": "tsc -w",
+    "test": "jest",
+    "cdk": "cdk",
+    "synth": "cdk synth",
+    "deploy": "cdk deploy",
+    "clean": "rm -rf cdk.out node_modules"
+  },
+  "devDependencies": {
+    "@types/jest": "^29.5.14",
+    "@types/node": "^22.10.2",
+    "aws-cdk": "^2.232.1",
+    "jest": "^29.7.0",
+    "ts-jest": "^29.2.5",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.7.2"
+  },
+  "dependencies": {
+    "aws-cdk-lib": "^2.232.1",
+    "constructs": "^10.4.2"
+  }
+}

package/examples/monorepo/packages/data-infra/tsconfig.json

@@ -0,0 +1,11 @@
+{
+  "extends": "../../../tsconfig.json",
+  "compilerOptions": {
+    "outDir": "dist",
+    "rootDir": "."
+  },
+  "exclude": [
+    "node_modules",
+    "cdk.out"
+  ]
+}

package/examples/monorepo/packages/frontend-infra/.cdk-cost-analyzer.yml

@@ -0,0 +1,31 @@
+# CDK Cost Analyzer Configuration for Frontend Infrastructure
+
+thresholds:
+  default:
+    warning: 30   # USD per month
+    error: 100    # USD per month
+
+usageAssumptions:
+  s3:
+    storageGB: 50
+    getRequests: 100000
+    putRequests: 5000
+    dataTransferGB: 100
+
+  cloudfront:
+    dataTransferGB: 200
+    requests: 5000000
+
+synthesis:
+  appPath: .
+  outputPath: cdk.out
+
+exclusions:
+  resourceTypes:
+    - AWS::IAM::Role
+    - AWS::IAM::Policy
+    - AWS::CertificateManager::Certificate
+
+cache:
+  enabled: true
+  durationHours: 24

package/examples/monorepo/packages/frontend-infra/bin/app.ts

@@ -0,0 +1,16 @@
+#!/usr/bin/env node
+import 'source-map-support/register';
+import * as cdk from 'aws-cdk-lib';
+import { FrontendStack } from '../lib/frontend-stack';
+
+const app = new cdk.App();
+
+new FrontendStack(app, 'FrontendStack', {
+  env: {
+    account: process.env.CDK_DEFAULT_ACCOUNT,
+    region: process.env.CDK_DEFAULT_REGION || 'us-east-1',
+  },
+  description: 'Monorepo example - Frontend infrastructure (S3, CloudFront)',
+});
+
+app.synth();

package/examples/monorepo/packages/frontend-infra/cdk.json

@@ -0,0 +1,7 @@
+{
+  "app": "npx ts-node --prefer-ts-exts bin/app.ts",
+  "context": {
+    "@aws-cdk/core:enablePartitionLiterals": true,
+    "@aws-cdk/aws-lambda:recognizeLayerVersion": true
+  }
+}

package/examples/monorepo/packages/frontend-infra/lib/frontend-stack.ts

@@ -0,0 +1,60 @@
+import * as cdk from 'aws-cdk-lib';
+import * as s3 from 'aws-cdk-lib/aws-s3';
+import * as cloudfront from 'aws-cdk-lib/aws-cloudfront';
+import * as origins from 'aws-cdk-lib/aws-cloudfront-origins';
+import { Construct } from 'constructs';
+
+/**
+ * Frontend infrastructure stack
+ * 
+ * Creates S3 bucket for static website hosting and CloudFront distribution
+ */
+export class FrontendStack extends cdk.Stack {
+  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
+    super(scope, id, props);
+
+    // S3 bucket for static website
+    const websiteBucket = new s3.Bucket(this, 'WebsiteBucket', {
+      bucketName: `${cdk.Stack.of(this).account}-frontend-${cdk.Stack.of(this).region}`,
+      websiteIndexDocument: 'index.html',
+      websiteErrorDocument: 'error.html',
+      publicReadAccess: false,
+      blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
+      removalPolicy: cdk.RemovalPolicy.DESTROY,
+      autoDeleteObjects: true,
+    });
+
+    // CloudFront distribution
+    const distribution = new cloudfront.Distribution(this, 'Distribution', {
+      defaultBehavior: {
+        origin: new origins.S3Origin(websiteBucket),
+        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
+        cachePolicy: cloudfront.CachePolicy.CACHING_OPTIMIZED,
+      },
+      defaultRootObject: 'index.html',
+      errorResponses: [
+        {
+          httpStatus: 404,
+          responseHttpStatus: 200,
+          responsePagePath: '/index.html',
+        },
+      ],
+    });
+
+    // Stack outputs
+    new cdk.CfnOutput(this, 'BucketName', {
+      value: websiteBucket.bucketName,
+      description: 'S3 bucket name',
+    });
+
+    new cdk.CfnOutput(this, 'DistributionDomain', {
+      value: distribution.distributionDomainName,
+      description: 'CloudFront distribution domain',
+    });
+
+    new cdk.CfnOutput(this, 'DistributionUrl', {
+      value: `https://${distribution.distributionDomainName}`,
+      description: 'CloudFront distribution URL',
+    });
+  }
+}

package/examples/monorepo/packages/frontend-infra/package.json

@@ -0,0 +1,30 @@
+{
+  "name": "frontend-infra",
+  "version": "1.0.0",
+  "description": "Frontend infrastructure CDK application",
+  "bin": {
+    "frontend-infra": "bin/app.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "watch": "tsc -w",
+    "test": "jest",
+    "cdk": "cdk",
+    "synth": "cdk synth",
+    "deploy": "cdk deploy",
+    "clean": "rm -rf cdk.out node_modules"
+  },
+  "devDependencies": {
+    "@types/jest": "^29.5.14",
+    "@types/node": "^22.10.2",
+    "aws-cdk": "^2.232.1",
+    "jest": "^29.7.0",
+    "ts-jest": "^29.2.5",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.7.2"
+  },
+  "dependencies": {
+    "aws-cdk-lib": "^2.232.1",
+    "constructs": "^10.4.2"
+  }
+}

package/examples/monorepo/packages/frontend-infra/tsconfig.json

@@ -0,0 +1,11 @@
+{
+  "extends": "../../../tsconfig.json",
+  "compilerOptions": {
+    "outDir": "dist",
+    "rootDir": "."
+  },
+  "exclude": [
+    "node_modules",
+    "cdk.out"
+  ]
+}

package/examples/monorepo/tsconfig.json

@@ -0,0 +1,35 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "commonjs",
+    "lib": [
+      "es2020"
+    ],
+    "declaration": true,
+    "strict": true,
+    "noImplicitAny": true,
+    "strictNullChecks": true,
+    "noImplicitThis": true,
+    "alwaysStrict": true,
+    "noUnusedLocals": false,
+    "noUnusedParameters": false,
+    "noImplicitReturns": true,
+    "noFallthroughCasesInSwitch": false,
+    "inlineSourceMap": true,
+    "inlineSources": true,
+    "experimentalDecorators": true,
+    "strictPropertyInitialization": false,
+    "typeRoots": [
+      "./node_modules/@types"
+    ],
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true,
+    "resolveJsonModule": true
+  },
+  "exclude": [
+    "node_modules",
+    "cdk.out",
+    "dist"
+  ]
+}

package/examples/multi-stack/.cdk-cost-analyzer.yml

@@ -0,0 +1,72 @@
+# CDK Cost Analyzer Configuration for Multi-Stack Application
+# This file configures cost thresholds and usage assumptions for cost analysis
+
+# Cost thresholds for pipeline enforcement
+# Note: Thresholds apply to total cost across all stacks
+thresholds:
+  default:
+    warning: 100   # USD per month - displays warning but passes pipeline
+    error: 500     # USD per month - fails pipeline, requires review
+
+# Custom usage assumptions for cost estimation
+# Adjust these values to match your expected application usage
+usageAssumptions:
+  # NAT Gateway usage (Networking Stack)
+  natGateway:
+    dataProcessedGB: 500  # Monthly data processed through NAT Gateway
+
+  # Application Load Balancer usage (Compute Stack)
+  alb:
+    newConnectionsPerSecond: 50
+    activeConnectionsPerMinute: 5000
+    processedBytesGB: 1000
+
+  # VPC Endpoint usage (Networking Stack)
+  vpcEndpoint:
+    dataProcessedGB: 100  # Monthly data processed through interface endpoints
+
+  # ECS usage (Compute Stack)
+  ecs:
+    taskCount: 2
+    cpuUnits: 512
+    memoryMB: 1024
+    hoursPerMonth: 730
+
+  # RDS usage (Storage Stack)
+  rds:
+    instanceClass: db.t3.medium
+    storageGB: 100
+    backupRetentionDays: 7
+    multiAZ: false
+
+  # ElastiCache usage (Storage Stack)
+  elasticache:
+    nodeType: cache.t3.micro
+    numNodes: 2
+    engineType: redis
+
+  # S3 usage (Storage Stack)
+  s3:
+    storageGB: 500
+    getRequests: 100000
+    putRequests: 10000
+    dataTransferGB: 100
+
+# CDK synthesis configuration (optional)
+synthesis:
+  appPath: .                 # Path to CDK application
+  outputPath: cdk.out        # CDK synthesis output directory
+
+# Resource exclusions (optional)
+# Exclude specific resource types from cost analysis
+exclusions:
+  resourceTypes:
+    - AWS::IAM::Role         # IAM roles have no direct cost
+    - AWS::IAM::Policy       # IAM policies have no direct cost
+    - AWS::EC2::SecurityGroup  # Security groups have no direct cost
+    - AWS::Logs::LogGroup    # CloudWatch Logs analyzed separately
+
+# Cache configuration
+cache:
+  enabled: true              # Enable pricing data caching
+  durationHours: 24          # Cache duration in hours

package/examples/multi-stack/.gitlab-ci.yml

@@ -0,0 +1,184 @@
+# GitLab CI/CD Pipeline with Multi-Stack CDK Cost Analysis
+# This pipeline runs cost analysis on merge requests for multi-stack applications
+
+stages:
+  - build
+  - test
+  - cost-analysis
+  - deploy
+
+variables:
+  AWS_REGION: us-east-1
+  CDK_APP_PATH: examples/multi-stack
+  NODE_VERSION: "18"
+
+# Install dependencies for the application
+build:
+  stage: build
+  image: node:${NODE_VERSION}
+  script:
+    - echo "Installing dependencies..."
+    - npm ci
+    - cd ${CDK_APP_PATH}
+    - npm ci
+  cache:
+    key: ${CI_COMMIT_REF_SLUG}
+    paths:
+      - node_modules/
+      - ${CDK_APP_PATH}/node_modules/
+  artifacts:
+    paths:
+      - node_modules/
+      - ${CDK_APP_PATH}/node_modules/
+    expire_in: 1 hour
+
+# Run application tests
+test:
+  stage: test
+  image: node:${NODE_VERSION}
+  dependencies:
+    - build
+  script:
+    - cd ${CDK_APP_PATH}
+    - npm test
+  only:
+    - merge_requests
+    - main
+
+# Analyze infrastructure cost changes for merge requests
+# Handles multi-stack applications automatically
+cost-analysis:
+  stage: cost-analysis
+  image: node:${NODE_VERSION}
+  dependencies:
+    - build
+  before_script:
+    # Install CDK Cost Analyzer globally
+    - npm install -g cdk-cost-analyzer
+    # Verify AWS credentials are configured
+    - |
+      if [ -z "$AWS_ACCESS_KEY_ID" ] || [ -z "$AWS_SECRET_ACCESS_KEY" ]; then
+        echo "ERROR: AWS credentials not configured"
+        echo "Please configure AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as CI/CD variables"
+        exit 1
+      fi
+  script:
+    - echo "Analyzing infrastructure cost changes across all stacks..."
+    - cd ${CDK_APP_PATH}
+    # Run cost analysis with automatic CDK synthesis
+    # The tool automatically detects and analyzes all stacks
+    - |
+      cdk-cost-analyzer pipeline \
+        --base-branch ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} \
+        --target-branch ${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} \
+        --cdk-app-path . \
+        --region ${AWS_REGION} \
+        --format markdown \
+        --post-to-gitlab
+  cache:
+    key: pricing-cache
+    paths:
+      - .cdk-cost-analyzer-cache/
+  artifacts:
+    reports:
+      # Store cost analysis report as artifact
+      dotenv: cost-analysis.env
+    paths:
+      - cost-report.md
+    expire_in: 30 days
+  timeout: 15m  # Multi-stack analysis may take longer
+  only:
+    - merge_requests
+  allow_failure: false  # Fail pipeline if cost threshold exceeded
+
+# Deploy all stacks to production (requires manual approval)
+deploy:all:
+  stage: deploy
+  image: node:${NODE_VERSION}
+  dependencies:
+    - build
+  before_script:
+    - npm install -g aws-cdk
+  script:
+    - cd ${CDK_APP_PATH}
+    - echo "Deploying all stacks to production..."
+    - cdk deploy --all --require-approval never
+  only:
+    - main
+  when: manual
+  environment:
+    name: production
+    action: start
+
+# Deploy individual stacks (useful for targeted updates)
+deploy:networking:
+  stage: deploy
+  image: node:${NODE_VERSION}
+  dependencies:
+    - build
+  before_script:
+    - npm install -g aws-cdk
+  script:
+    - cd ${CDK_APP_PATH}
+    - echo "Deploying networking stack..."
+    - cdk deploy NetworkingStack --require-approval never
+  only:
+    - main
+  when: manual
+  environment:
+    name: production/networking
+    action: start
+
+deploy:compute:
+  stage: deploy
+  image: node:${NODE_VERSION}
+  dependencies:
+    - build
+  before_script:
+    - npm install -g aws-cdk
+  script:
+    - cd ${CDK_APP_PATH}
+    - echo "Deploying compute stack..."
+    - cdk deploy ComputeStack --require-approval never
+  only:
+    - main
+  when: manual
+  environment:
+    name: production/compute
+    action: start
+
+deploy:storage:
+  stage: deploy
+  image: node:${NODE_VERSION}
+  dependencies:
+    - build
+  before_script:
+    - npm install -g aws-cdk
+  script:
+    - cd ${CDK_APP_PATH}
+    - echo "Deploying storage stack..."
+    - cdk deploy StorageStack --require-approval never
+  only:
+    - main
+  when: manual
+  environment:
+    name: production/storage
+    action: start
+
+# Deploy to development environment automatically
+deploy:dev:
+  stage: deploy
+  image: node:${NODE_VERSION}
+  dependencies:
+    - build
+  before_script:
+    - npm install -g aws-cdk
+  script:
+    - cd ${CDK_APP_PATH}
+    - echo "Deploying all stacks to development environment..."
+    - cdk deploy --all --require-approval never
+  only:
+    - develop
+  environment:
+    name: development
+    action: start