We have an Account A where prometheus along with prometheus-ecs-discovery are installed and working properly. We need to achieve monitoring in different accounts (B,C,D ...) from account A and I guess -config.role-arn would help us to do so.
It only worked for us between account A and other account B. Could not find a way to monitor C and D.
What I need to achieve is the following:
"command": [
"-config.write-to=/etc/prometheus/data/ecs_file_sd.yml",
"-config.role-arn=arn:aws:iam::Account_A_ID:role/ecs-discover-role"]
ecs-discover-role is trusted on account B, C and D however it's not able to see the clusters and if I pass the arn of a remote cluster B it would output and error InvalidParameterException InvalidParameterException: Identifier is Account_A_ID
It just work if I pass the -config.role-arn=arn:aws:iam::Account_B_ID:role/service-role so it's assumed buy the role in Account A and by this I can pass the arn of the remote cluster of account B and it would be able to discover it and update the ecs_file_sd
We have an Account A where prometheus along with prometheus-ecs-discovery are installed and working properly. We need to achieve monitoring in different accounts (B,C,D ...) from account A and I guess
-config.role-arnwould help us to do so.It only worked for us between account A and other account B. Could not find a way to monitor C and D.
What I need to achieve is the following:
ecs-discover-roleis trusted on account B, C and D however it's not able to see the clusters and if I pass the arn of a remote cluster B it would output and error InvalidParameterException InvalidParameterException: Identifier is Account_A_IDIt just work if I pass the
-config.role-arn=arn:aws:iam::Account_B_ID:role/service-roleso it's assumed buy the role in Account A and by this I can pass the arn of the remote cluster of account B and it would be able to discover it and update theecs_file_sd