apitech
/
grafana
mirror of https://github.com/grafana/grafana
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add minimal IAM policy example for CloudWatch data source

Browse Source
pull/11567/head
Tim O'Guin 7 years ago
parent 041067f5f0
commit ee7943b9b2
1 changed files with 34 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 34
      docs/sources/features/datasources/cloudwatch.md

34
docs/sources/features/datasources/cloudwatch.md
Unescape View File

@ -43,6 +43,40 @@ server is running on AWS you can use IAM Roles and authentication will be handle
Checkout AWS docs on [IAM Roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html) Checkout AWS docs on [IAM Roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html)
## IAM Policies
Grafana needs permissions granted via IAM to be able to read from CloudWatch
and EC2. Attach these permissions to IAM roles to utilized Grafana's build-in
role support.
Here is a minimal policy example:
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowReadingMetricsFromCloudWatch",
"Effect": "Allow",
"Action": [
"cloudwatch:ListMetrics",
"cloudwatch:GetMetricStatistics"
],
"Resource": "*"
},
{
"Sid": "AllowReadingTagsFromEC2",
"Effect": "Allow",
"Action": [
"ec2:DescribeTags",
"ec2:DescribeInstances"
],
"Resource": "*"
}
]
}
```
### AWS credentials file ### AWS credentials file
Create a file at `~/.aws/credentials`. That is the `HOME` path for user running grafana-server. Create a file at `~/.aws/credentials`. That is the `HOME` path for user running grafana-server.

Write Preview
Loading…
Cancel
Save