You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I did an initial audit and I didn’t find anything, but we should double check. The only things CloudWatch uses are NewSessionCache, SessionCache.GetSession, AWSDatasourceSettings, AuthSettings, ReadAuthSettings, and some consts.
For reference, the key parts of supporting multi-tenancy are:
State and sensitive information should only be stored at the instance level
Code should not reference environment variables
Code should not access the file system
Notes:
CloudWatch doesn't actually use any of the pieces of grafana-aws-sdk that use sqlds.
Hosted Grafana doesn’t support non-key auth so we don’t have to handle them (slack link)
The text was updated successfully, but these errors were encountered:
No changes required to the library for CloudWatch.
CloudWatch Notes:
We could refactor LoadCloudWatchSettings to call AWSDatsourceSettings.Load
Should just use ReadAuthSettingsFromContext instead of ReadAuthSettings since we know we'll have access to the context auth settings and it removes the env variable path (even if we shouldn't end up going down it).
grafana-aws-sdk Notes:
For a longer term refactor: may make sense to move the AuthSettings to be part of AWSDatasourceSettings and add a loader that accepts a context
I considered trying to refactor the SessionCache to be more pared down for a single instance, but considering that we're going to have to replace it to move to aws-sdk-go/v2 fairly soon, I decided not to. We can't just isolate the new session part of it, since we still need the sts timeouts and handling session expiration.
I did an initial audit and I didn’t find anything, but we should double check. The only things CloudWatch uses are
NewSessionCache
,SessionCache.GetSession
,AWSDatasourceSettings
,AuthSettings
,ReadAuthSettings
, and some consts.For reference, the key parts of supporting multi-tenancy are:
Notes:
grafana-aws-sdk
that usesqlds
.The text was updated successfully, but these errors were encountered: