Security in Prometheus exporter #2400
Labels
area:sdk
Related to the SDK
help wanted
Extra attention is needed
spec:metrics
Related to the specification/metrics directory
triage:deciding:community-feedback
What are you trying to achieve?
In the current spec for the Prometheus exporter https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/metrics/sdk_exporters/prometheus.md, it doesn't mention anything about securing the metrics endpoint.
When using the automatic instrumentation opentelemetry-javaagent.jar and the Prometheus exporter is enabled, the metrics endpoint (e.g. http://localhost:9464/) is not protected.
What did you expect to see?
There should be an option to use https and have the metrics endpoint protected by
Additional context.
Add any other context about the problem here. If you followed an existing documentation, please share the link to it.
The text was updated successfully, but these errors were encountered: