AWS
Add a connection to AWS in the Lenses Agent.
The agent uses an AWS in three places:
AWS IAM connection to MSK for Lenses itself
Connecting to AWS Glue
Alert channels to Cloud Watch.
If the Agent is deployed on an EC2 Instance or has access to AWS credentials in the default AWS toolchain that can be used instead.
See JSON schema for support.
Environment variables are supported; escape the dollar sign
sslKeystorePassword:
value: "\${ENV_VAR_NAME}"Names must match be alphanumeric or dash non-empty string.
aws:
- name: my-aws-connection
version: 1
tags: [tag1, tag2]
configuration:
# Way to authenticate against AWS.Credentials Chain or Access Key
authMode:
value:
# Access key ID of an AWS IAM account.
accessKeyId:
value:
# Secret access key of an AWS IAM account.
secretAccessKey:
value:
# AWS region to connect to. If not provided, this is deferred to client
# configuration.
region:
value:
# Specifies the session token value that is required if you are using temporary
# security credentials that you retrieved directly from AWS STS operations.
sessionToken:
value:
# The Amazon Resource Name (ARN) of the IAM role to assume using AWS STS
assumeRoleArn:
value: arn:aws:iam::[account-id]:role/[name]
# An identifier for the assumed role session, used to uniquely distinguish
# sessions when assuming the same role multiple times
assumeRoleSessionName:
value: [session-name]Using AWS Access Key
aws:
- name: my-aws-connection
tags: ["tag1"]
version: 1
configuration:
authMode:
value: Access Key
accessKeyId:
value: my-access-key-id
secretAccessKey:
value: my-secret-access-key
region:
value: eu-west-1Using AWS Credentials Chain
aws:
- name: my-aws-connection
version: 1
tags: []
configuration:
region:
value: eu-north-1
authMode:
value: "Credentials Chain"Using AWS Assume Role
aws:
- name: my-aws-connection
version: 1
tags: []
configuration:
region:
value: eu-north-1
authMode:
value: "Assume Role"
assumeRoleArn:
value: arn:aws:iam::[account-id]:role/[name]
assumeRoleSessionName:
value: [session-name]Last updated
Was this helpful?