Uploaded image for project: 'OpenShift Logging'
  1. OpenShift Logging
  2. LOG-1976

Enable STS Cloudwatch Role

XMLWordPrintable

    • Enable STS Cloudwatch Role
    • 5
    • False
    • False
    • Yellow
    • NEW
    • In Progress
    • OBSDA-59 - CloudWatch log forwarding add-on needs to support STS installations
    • OBSDA-59CloudWatch log forwarding add-on needs to support STS installations
    • VERIFIED
    • 0% To Do, 0% In Progress, 100% Done

      Goals

      The goal is allow administrators to use an STS Role for authentication to Cloudwatch in lieu of a access token and credentials.  

      Non-Goals

      Motivation

      There is a larger movement with OpenShift to improve security by depending upon a role that allows token rotation instead of static tokens that would be required to be rotated manually.

      Alternatives

      Acceptance Criteria

      • Verify CLF writes logs to CW using the STS Role instead of an access token

      Risk and Assumptions

      Documentation Considerations

      • Update the CLF documentation to include the opinionated key for the role

      Open Questions

      Additional Notes

            jcantril@redhat.com Jeffrey Cantrill
            jcantril@redhat.com Jeffrey Cantrill
            Anping Li Anping Li
            Votes:
            1 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated:
              Resolved: