search

jertel / elastalert2

ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!
https://elastalert2.readthedocs.org
Apache License 2.0
914 stars 287 forks source link

Compatibility with pod identities #1419

Closed lpshruthi closed 6 months ago

lpshruthi commented 6 months ago

Does it allow the use of iam oles and pod identities? i created a role with pod identity association and included the service account name in the deployment my config looks like

[profile opensearchrole] role_arn = arn:aws:iam::227837763243:role/k8s-stage-com-sixt-tool-elastalert source_profile = default

and i am mounting the configuration as a volume.

i get errored out: Traceback (most recent call last): File "/usr/local/bin/elastalert-create-index", line 8, in sys.exit(main()) ^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/create_index.py", line 215, in main http_auth = auth(host=host, ^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/elastalert/auth.py", line 59, in call refreshable_credential=session.get_credentials(), ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/boto3/session.py", line 203, in get_credentials return self._session.get_credentials() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/botocore/session.py", line 509, in get_credentials ).load_credentials() ^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/botocore/credentials.py", line 2035, in load_credentials creds = provider.load() ^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/botocore/credentials.py", line 1898, in load return self._retrieve_or_fail() ^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/botocore/credentials.py", line 1907, in _retrieve_or_fail creds = fetcher() ^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/botocore/credentials.py", line 1925, in fetch_creds response = self._fetcher.retrieve_full_uri( ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/botocore/utils.py", line 2861, in retrieve_full_uri self._validate_allowed_url(full_url) File "/usr/local/lib/python3.11/site-packages/botocore/utils.py", line 2868, in _validate_allowed_url raise ValueError( ValueError: Unsupported host '169.254.170.23'. Can only retrieve metadata from these hosts: 169.254.170.2, localhost, 127.0.0.1

jertel commented 6 months ago

See #11 -- this should have been created as a discussion.