From 235a22f1c864c5f921d5c4466702441229f8d9ed Mon Sep 17 00:00:00 2001
From: Rodrigue Koffi <bonclay7@users.noreply.github.com>
Date: Mon, 5 Feb 2024 22:01:28 +0100
Subject: [PATCH] Fix scraper's output

---
 examples/eks-cross-account-with-central-amp/main.tf      | 6 ++----
 examples/eks-istio/README.md                             | 1 +
 examples/eks-istio/outputs.tf                            | 5 +++++
 examples/existing-cluster-java/README.md                 | 1 +
 examples/existing-cluster-java/outputs.tf                | 5 +++++
 examples/existing-cluster-nginx/README.md                | 1 +
 examples/existing-cluster-nginx/outputs.tf               | 5 +++++
 examples/existing-cluster-with-base-and-infra/README.md  | 1 +
 examples/existing-cluster-with-base-and-infra/outputs.tf | 5 +++++
 modules/eks-monitoring/outputs.tf                        | 2 +-
 10 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/examples/eks-cross-account-with-central-amp/main.tf b/examples/eks-cross-account-with-central-amp/main.tf
index d48f8cbc..1f06b119 100644
--- a/examples/eks-cross-account-with-central-amp/main.tf
+++ b/examples/eks-cross-account-with-central-amp/main.tf
@@ -43,7 +43,6 @@ module "eks_monitoring_one" {
   enable_managed_prometheus = false
 
   managed_prometheus_workspace_id       = module.managed_service_prometheus.workspace_id
-  managed_prometheus_workspace_endpoint = module.managed_service_prometheus.workspace_prometheus_endpoint
   managed_prometheus_workspace_region   = var.cluster_one.region
   managed_prometheus_cross_account_role = aws_iam_role.cross_account_amp_role.arn
   irsa_iam_additional_policies          = [aws_iam_policy.irsa_assume_role_policy_one.arn]
@@ -96,9 +95,8 @@ module "eks_monitoring_two" {
   # prevents the module to create a workspace
   enable_managed_prometheus = false
 
-  managed_prometheus_workspace_id       = module.managed_service_prometheus.workspace_id
-  managed_prometheus_workspace_endpoint = module.managed_service_prometheus.workspace_prometheus_endpoint
-  managed_prometheus_workspace_region   = var.cluster_two.region
+  managed_prometheus_workspace_id     = module.managed_service_prometheus.workspace_id
+  managed_prometheus_workspace_region = var.cluster_two.region
 
   managed_prometheus_cross_account_role = aws_iam_role.cross_account_amp_role.arn
   irsa_iam_additional_policies          = [aws_iam_policy.irsa_assume_role_policy_two.arn]
diff --git a/examples/eks-istio/README.md b/examples/eks-istio/README.md
index 3a88dd41..87c61684 100644
--- a/examples/eks-istio/README.md
+++ b/examples/eks-istio/README.md
@@ -54,4 +54,5 @@ View the full documentation for this example [here](https://aws-observability.gi
 | <a name="output_managed_prometheus_workspace_endpoint"></a> [managed\_prometheus\_workspace\_endpoint](#output\_managed\_prometheus\_workspace\_endpoint) | Amazon Managed Prometheus workspace endpoint |
 | <a name="output_managed_prometheus_workspace_id"></a> [managed\_prometheus\_workspace\_id](#output\_managed\_prometheus\_workspace\_id) | Amazon Managed Prometheus workspace ID |
 | <a name="output_managed_prometheus_workspace_region"></a> [managed\_prometheus\_workspace\_region](#output\_managed\_prometheus\_workspace\_region) | AWS Region |
+| <a name="output_scraper_aws_auth"></a> [scraper\_aws\_auth](#output\_scraper\_aws\_auth) | Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/examples/eks-istio/outputs.tf b/examples/eks-istio/outputs.tf
index e14427e3..15359e95 100644
--- a/examples/eks-istio/outputs.tf
+++ b/examples/eks-istio/outputs.tf
@@ -22,3 +22,8 @@ output "eks_cluster_id" {
   description = "EKS Cluster Id"
   value       = module.eks_monitoring.eks_cluster_id
 }
+
+output "scraper_aws_auth" {
+  description = "Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use"
+  value       = module.eks_monitoring.scraper_aws_auth
+}
diff --git a/examples/existing-cluster-java/README.md b/examples/existing-cluster-java/README.md
index 1b1e08b2..6f87ef92 100644
--- a/examples/existing-cluster-java/README.md
+++ b/examples/existing-cluster-java/README.md
@@ -237,4 +237,5 @@ terraform destroy -var-file=terraform.tfvars
 | <a name="output_managed_prometheus_workspace_endpoint"></a> [managed\_prometheus\_workspace\_endpoint](#output\_managed\_prometheus\_workspace\_endpoint) | Amazon Managed Prometheus workspace endpoint |
 | <a name="output_managed_prometheus_workspace_id"></a> [managed\_prometheus\_workspace\_id](#output\_managed\_prometheus\_workspace\_id) | Amazon Managed Prometheus workspace ID |
 | <a name="output_managed_prometheus_workspace_region"></a> [managed\_prometheus\_workspace\_region](#output\_managed\_prometheus\_workspace\_region) | AWS Region |
+| <a name="output_scraper_aws_auth"></a> [scraper\_aws\_auth](#output\_scraper\_aws\_auth) | Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/examples/existing-cluster-java/outputs.tf b/examples/existing-cluster-java/outputs.tf
index e14427e3..15359e95 100644
--- a/examples/existing-cluster-java/outputs.tf
+++ b/examples/existing-cluster-java/outputs.tf
@@ -22,3 +22,8 @@ output "eks_cluster_id" {
   description = "EKS Cluster Id"
   value       = module.eks_monitoring.eks_cluster_id
 }
+
+output "scraper_aws_auth" {
+  description = "Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use"
+  value       = module.eks_monitoring.scraper_aws_auth
+}
diff --git a/examples/existing-cluster-nginx/README.md b/examples/existing-cluster-nginx/README.md
index dad16832..1eb080c9 100644
--- a/examples/existing-cluster-nginx/README.md
+++ b/examples/existing-cluster-nginx/README.md
@@ -248,4 +248,5 @@ add this `managed_prometheus_region=xxx` and `managed_prometheus_workspace_id=ws
 | <a name="output_managed_prometheus_workspace_endpoint"></a> [managed\_prometheus\_workspace\_endpoint](#output\_managed\_prometheus\_workspace\_endpoint) | Amazon Managed Prometheus workspace endpoint |
 | <a name="output_managed_prometheus_workspace_id"></a> [managed\_prometheus\_workspace\_id](#output\_managed\_prometheus\_workspace\_id) | Amazon Managed Prometheus workspace ID |
 | <a name="output_managed_prometheus_workspace_region"></a> [managed\_prometheus\_workspace\_region](#output\_managed\_prometheus\_workspace\_region) | AWS Region |
+| <a name="output_scraper_aws_auth"></a> [scraper\_aws\_auth](#output\_scraper\_aws\_auth) | Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/examples/existing-cluster-nginx/outputs.tf b/examples/existing-cluster-nginx/outputs.tf
index e14427e3..15359e95 100644
--- a/examples/existing-cluster-nginx/outputs.tf
+++ b/examples/existing-cluster-nginx/outputs.tf
@@ -22,3 +22,8 @@ output "eks_cluster_id" {
   description = "EKS Cluster Id"
   value       = module.eks_monitoring.eks_cluster_id
 }
+
+output "scraper_aws_auth" {
+  description = "Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use"
+  value       = module.eks_monitoring.scraper_aws_auth
+}
diff --git a/examples/existing-cluster-with-base-and-infra/README.md b/examples/existing-cluster-with-base-and-infra/README.md
index a2a22630..c2ae5a58 100644
--- a/examples/existing-cluster-with-base-and-infra/README.md
+++ b/examples/existing-cluster-with-base-and-infra/README.md
@@ -65,4 +65,5 @@ View the full documentation for this example [here](https://aws-observability.gi
 | <a name="output_managed_prometheus_workspace_endpoint"></a> [managed\_prometheus\_workspace\_endpoint](#output\_managed\_prometheus\_workspace\_endpoint) | Amazon Managed Prometheus workspace endpoint |
 | <a name="output_managed_prometheus_workspace_id"></a> [managed\_prometheus\_workspace\_id](#output\_managed\_prometheus\_workspace\_id) | Amazon Managed Prometheus workspace ID |
 | <a name="output_managed_prometheus_workspace_region"></a> [managed\_prometheus\_workspace\_region](#output\_managed\_prometheus\_workspace\_region) | AWS Region |
+| <a name="output_scraper_aws_auth"></a> [scraper\_aws\_auth](#output\_scraper\_aws\_auth) | Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/examples/existing-cluster-with-base-and-infra/outputs.tf b/examples/existing-cluster-with-base-and-infra/outputs.tf
index e14427e3..15359e95 100644
--- a/examples/existing-cluster-with-base-and-infra/outputs.tf
+++ b/examples/existing-cluster-with-base-and-infra/outputs.tf
@@ -22,3 +22,8 @@ output "eks_cluster_id" {
   description = "EKS Cluster Id"
   value       = module.eks_monitoring.eks_cluster_id
 }
+
+output "scraper_aws_auth" {
+  description = "Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use"
+  value       = module.eks_monitoring.scraper_aws_auth
+}
diff --git a/modules/eks-monitoring/outputs.tf b/modules/eks-monitoring/outputs.tf
index aec2981d..3af53a0a 100644
--- a/modules/eks-monitoring/outputs.tf
+++ b/modules/eks-monitoring/outputs.tf
@@ -30,5 +30,5 @@ output "managed_prometheus_workspace_region" {
 
 output "scraper_aws_auth" {
   description = "Execute this command to grand access to the managed scrapers to gain permissions on your cluster. Mandatory for the first use"
-  value       = "eksctl create iamidentitymapping --cluster ${var.eks_cluster_id} --region ${local.managed_prometheus_workspace_region} --arn ${aws_prometheus_scraper.this.role_arn} --username aps-collector-user"
+  value       = "eksctl create iamidentitymapping --cluster ${var.eks_cluster_id} --region ${local.managed_prometheus_workspace_region} --arn ${replace(aws_prometheus_scraper.this.role_arn, "aws-service-role/scraper.aps.amazonaws.com/", "")} --username aps-collector-user"
 }