AWS

Add a connection to AWS in the Lenses Agent.

The agent uses an AWS in three places:

  1. AWS IAM connection to MSK for Lenses itself

  2. Connecting to AWS Glue

  3. Alert channels to Cloud Watch.

provisioning.yaml
aws:
- name: my-aws-connection
  version: 1
  tags: [tag1, tag2]
  configuration:
    # Way to authenticate against AWS.Credentials Chain or Access Key
    authMode:
      value:
    # Access key ID of an AWS IAM account.
    accessKeyId:
       value:
    # Secret access key of an AWS IAM account.
    secretAccessKey:
       value:
    # AWS region to connect to. If not provided, this is deferred to client 
    # configuration.
    region:
       value:
    # Specifies the session token value that is required if you are using temporary 
    # security credentials that you retrieved directly from AWS STS operations.
    sessionToken:
       value:
    # The Amazon Resource Name (ARN) of the IAM role to assume using AWS STS
    assumeRoleArn:
       value: arn:aws:iam::[account-id]:role/[name]
    # An identifier for the assumed role session, used to uniquely distinguish
    # sessions when assuming the same role multiple times
    assumeRoleSessionName:
       value: [session-name]

Using AWS Access Key

aws:
  - name: my-aws-connection
    tags: ["tag1"]
    version: 1      
    configuration:
      authMode: 
        value: Access Key
      accessKeyId: 
        value: my-access-key-id
      secretAccessKey: 
        value: my-secret-access-key
      region: 
        value: eu-west-1

Using AWS Credentials Chain

aws:
  - name: my-aws-connection
    version: 1
    tags: []
    configuration:
      region:
        value: eu-north-1
      authMode:
        value: "Credentials Chain"

Using AWS Assume Role

aws:
  - name: my-aws-connection
    version: 1
    tags: []
    configuration:
      region:
        value: eu-north-1
      authMode:
        value: "Assume Role"
      assumeRoleArn:
        value: arn:aws:iam::[account-id]:role/[name]
      assumeRoleSessionName:
        value: [session-name]

Last updated

Was this helpful?