Add ability to configure lookup credentials for multiple AWS accounts #52
Comments
|
Hello, I agree that would be nice to have lookups for multiple AWS accounts. As far I can see, this plugin should be developed taking into account that it's very common to run Graylog inside AWS infrastructure and also that is very common to have more than one AWS account you would like to collect logs from, without forget that there are multiple ways to implement the authentication process (secret keys, cross accounts, IAM roles...) Right now, the lookup processor is configured at same level that the generic settings for the plugin. |
|
👍 from me.
Just noticed @radykal-com's comment on #57 which addresses my use-case:
|
|
We have a single cluster of graylog servers ingesting logs from multiple AWS accounts, so if we leave the key fields blank and it uses an IAM role, I would imagine it's still only going to use the role for the account where the graylog server is and only look up instance details from that account - is that correct? In which case, it doesn't solve the original issue, which is looking up details for logs from other AWS accounts. |
|
Exactly, the plugin doesn't support right now to run instances lookup in multiple accounts. |
The detail lookups configuration for this plugin only provides the option to enter credentials for a single AWS account. I am currently collecting logs from kinesis streams in multiple accounts but the detail lookup only works for one of the accounts, which means I can only filter/stream on entity types for a single AWS account.
It would be useful to have this feature as maintaining multiple AWS accounts is now a common use case.
The text was updated successfully, but these errors were encountered: