using fine grained service account IAM roles in EKS
Closed this issue · 1 comments
chelomontilla commented
Hi,
I'm using service account iam roles in amazon EKS, but I'm not able to get logstash s3 working using an IAM role.
I can see the environment variables in the pod:
-
AWS_WEB_IDENTITY_TOKEN_FILE: /var/run/secrets/eks.amazonaws.com/serviceaccount/token
-
AWS_ROLE_ARN: arn:aws:iam::0123456789:role/logstash-cloudfront
The input config:
input {
s3 {
role_arn => "${AWS_ROLE_ARN}"
bucket => "logs-cloudfront"
prefix => "staging"
region => "us-west-1"
}
}
Is there anyway for the plugin to read the identity toke file?
Thanks in advance
Chaosmonkeys commented
Any updates?