Using IAM user authentication instead of assume role arn and default ~/.aws/credentialsΒ #130
Description
Is your feature request related to a problem? Please describe
prometheus-rds-exporter is nice, and I created service accounts for several aws accounts because have other use cases, for other cases, I can use IAM user (service account) credentials to invoke boto3 APIs, so I want to reuse the credentials for prometheus-rds-exporter, however the doc is not clear enough on configuring aws credentials especially on configuring multiple aws accounts.
Describe the solution you'd like
I'd like a solution similar to ec2_sd_scrapes, I just need provide region and different endpoint and aws credentials via configuration
- job_name: 'tagged-ec2-nodes'
scrape_interval: 30s
ec2_sd_configs:
- region: us-east-1
- region: eu-central-1
- region: ap-northeast-1
- region: cn-north-1
endpoint: https://ec2.cn-north-1.amazonaws.com.cn
access_key: $AWS_CN_ACCESS_KEY_ID
secret_key: $AWS_CN_SECRET_ACCESS_KEY
port: 9100
and I see rds_exporter has such feature for multiple instances:
---
instances:
- region: us-east-1
instance: rds-aurora1
- region: us-east-1
instance: rds-mysql57
aws_access_key: AKIAIOSFODNN7EXAMPLE
aws_secret_key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
aws_role_arn: arn:aws:iam::76784568345:role/my-role
disable_basic_metrics: true
disable_enhanced_metrics: false
labels:
foo: bar
baz: qux
so I am seeking a doc to provide the same configuration for prometheus-rds-exporter
Describe alternatives you've considered
if it's not yet implemented, would you please share more details on enhancement point if I want to implement such feature?
Additional context
NA