| Status | |
|---|---|
| Stability | beta |
| Distributions | contrib, aws, grafana, liatrio, sumo |
| Issues |   |
| Code Owners | @Aneurysm9, @erichsueh3 |
This extension provides Sigv4 authentication for making requests to AWS services. For more information on the Sigv4 process, please look here.
The configuration fields are as follows:
assume_role: Optional. Specifies the configuration needed to assume a rolearn: The Amazon Resource Name (ARN) of a role to assumesession_name: Optional. The name of a role sessionsts_region: The AWS region where STS is used to assumed the configured role- Note that if a role is intended to be assumed, and
sts_regionis not provided, thensts_regionwill default to the value forregionifregionis provided
- Note that if a role is intended to be assumed, and
region: Optional. The AWS region for the service you are exporting to for AWS Sigv4. This is differentiated fromsts_regionto handle cross region authentication- Note that an attempt will be made to obtain a valid region from the endpoint of the service you are exporting to
- List of AWS regions
service: Optional. The AWS service for AWS Sigv4- Note that an attempt will be made to obtain a valid service from the endpoint of the service you are exporting to
extensions:
sigv4auth:
assume_role:
arn: "arn:aws:iam::123456789012:role/aws-service-role/access"
sts_region: "us-east-1"
receivers:
hostmetrics:
scrapers:
memory:
exporters:
prometheusremotewrite:
endpoint: "https://aps-workspaces.us-west-2.amazonaws.com/workspaces/ws-XXX/api/v1/remote_write"
auth:
authenticator: sigv4auth
service:
extensions: [sigv4auth]
pipelines:
metrics:
receivers: [hostmetrics]
processors: []
exporters: [prometheusremotewrite]- The collector must have valid AWS credentials as used by the AWS SDK for Go