Status | |
---|---|
Stability | beta |
Distributions | contrib |
Issues | |
Code Owners | @Aneurysm9, @erichsueh3 |
This extension provides Sigv4 authentication for making requests to AWS services. For more information on the Sigv4 process, please look here.
The configuration fields are as follows:
assume_role
: Optional. Specifies the configuration needed to assume a rolearn
: The Amazon Resource Name (ARN) of a role to assumesession_name
: Optional. The name of a role sessionsts_region
: The AWS region where STS is used to assumed the configured role- Note that if a role is intended to be assumed, and
sts_region
is not provided, thensts_region
will default to the value forregion
ifregion
is provided
- Note that if a role is intended to be assumed, and
region
: Optional. The AWS region for the service you are exporting to for AWS Sigv4. This is differentiated fromsts_region
to handle cross region authentication- Note that an attempt will be made to obtain a valid region from the endpoint of the service you are exporting to
- List of AWS regions
service
: Optional. The AWS service for AWS Sigv4- Note for supported services an attempt will be made to obtain a valid service from the endpoint of the service you are exporting to. Supported services include - workspaces, es, logs and traces.
extensions:
sigv4auth:
assume_role:
arn: "arn:aws:iam::123456789012:role/aws-service-role/access"
sts_region: "us-east-1"
receivers:
hostmetrics:
scrapers:
memory:
exporters:
prometheusremotewrite:
endpoint: "https://aps-workspaces.us-west-2.amazonaws.com/workspaces/ws-XXX/api/v1/remote_write"
auth:
authenticator: sigv4auth
service:
extensions: [sigv4auth]
pipelines:
metrics:
receivers: [hostmetrics]
processors: []
exporters: [prometheusremotewrite]
- The collector must have valid AWS credentials as used by the AWS SDK for Go