-
-
Notifications
You must be signed in to change notification settings - Fork 559
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add support for existing IAM role for enhanced monitoring #79
Conversation
@antonbabenko I rebased this using the latest master. Does this PR make sense? Thanks, |
Sorry to comment on this PR but we need this in place for also another reason as explained in #93 . Running enhanced monitoring in AWS CHINA with this module is impossible because the role policy is hardcoded with a specific partition and the role is not injectable. This PR would be a good workaround while we wait for a partition implementation. |
Rebased this again, would you be able to give this an eye @antonbabenko? 🙏 and 🙇. |
We need this as well because we have restrictions on IAM roles in our org that this module doesn't satisfy. Being able to supply our own IAM role for things would be great. |
Rebased again, and updated commit title to pass semantic check. |
Great! v2.24.0 has been just released. |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
Description
Add support for using an existing IAM role to send RDS enhanced monitoring metrics to CloudWatch Logs.
Background:
If the module is used for provisioning multiple clusters in the same account, it will create one monitoring role for each, which isn't really necessary as they're identical - attaching the same AWS managed policy -
AmazonRDSEnhancedMonitoringRole
.Also, when enabling via the console, from the docs:
Testing:
Added the below to an existing cluster:
Generated these changes: