AWS authentication with IAM roles for elasticsearch exporter

7 views

Skip to first unread message

kumar k

unread,

Sep 10, 2020, 8:43:55 AM9/10/20

to Prometheus Developers

Hello,

I am using elasticsearch exporter to pull metrics from VPC based AWS elastic search into prometheus.
We are restricting AWS access policy to IAM roles(instance profiles).Does elastic search exporter work well with IAM roles for authentication.
I tried to troubleshoot by installing aws-cli,but the elasticsearch exporter container doesn't allow to install any external packages.
Could you someone help on this?

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": [
"arn:aws:iam::123456789:role/test1_role",
"arn:aws:iam::123456789:role/test2-role"
]
},
"Action": [
"es:ESHttpHead",
"es:ListDomainNames",
"es:DescribeElasticsearchDomain",
"es:ESHttpPost",
"es:ESHttpGet",
"es:ESHttpPatch",
"es:DescribeElasticsearchDomains",
"es:ESHttpDelete",
"es:ESHttpPut"
],
"Resource": "arn:aws🇪🇸us-east-1:123456789:domain/test-es/*"
}
]
}

Reply all

Reply to author

Forward

0 new messages