Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cross account prometheus monitoring not working as expected. #95

Open
AbbasHallal opened this issue Nov 28, 2023 · 0 comments
Open

Cross account prometheus monitoring not working as expected. #95

AbbasHallal opened this issue Nov 28, 2023 · 0 comments

Comments

@AbbasHallal
Copy link

AbbasHallal commented Nov 28, 2023

We have an Account A where prometheus along with prometheus-ecs-discovery are installed and working properly. We need to achieve monitoring in different accounts (B,C,D ...) from account A and I guess -config.role-arn would help us to do so.

It only worked for us between account A and other account B. Could not find a way to monitor C and D.

What I need to achieve is the following:

"command": [
               "-config.write-to=/etc/prometheus/data/ecs_file_sd.yml",
               "-config.role-arn=arn:aws:iam::Account_A_ID:role/ecs-discover-role"]

ecs-discover-role is trusted on account B, C and D however it's not able to see the clusters and if I pass the arn of a remote cluster B it would output and error InvalidParameterException InvalidParameterException: Identifier is Account_A_ID

It just work if I pass the -config.role-arn=arn:aws:iam::Account_B_ID:role/service-role so it's assumed buy the role in Account A and by this I can pass the arn of the remote cluster of account B and it would be able to discover it and update the ecs_file_sd

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant