Skip to content

SigV4 FIPS STS endpoint config No Longer Working #805

@mohammed-uddin

Description

@mohammed-uddin

This PR: #649 was made in order to fix prometheus/prometheus#13364.

As of prometheus v3.1.0 it seems like this fix no longer works or has changed.

I used to run prometheus v2.55.1 which uses github.com/prometheus/common v0.59.1 and I specified the following

containers:
  - name: prometheus
     env:
       - name: AWS_USE_FIPS_ENDPOINT
          value: "true"

I then upgraded prometheus v.3.1.0. It uses prometeheus/common v0.61.0 which marked the sigv4 package as deprecated in #715

I've tested up to prometheus v3.4.1

And run into the following logs

"Failed to apply configuration" err="could not get SigV4 credentials: WebIdentityErr: failed to retrieve credentials\ncaused by: RequestError: send request failed\ncaused by: Post \"https://sts.us-east-1.amazonaws.com/\"

I have found that prometheus v3.0.1 which uses prometheus/common v0.60.1 is latest version that does work.

I need to upgrade prometheus but this is preventing me from upgrading to the later versions

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions