kubernetes logs to aws elasticsearch using fluentd

6/24/2019

I want to configure fluentd to collect Kubernetes logs and send to aws elasticsearch and enable cross account authentication like EKS cluster in one AWS account and Elasticsearch in another AWS account.

I am able to connect to elasticsearch in the same AWS account as EKS cluster but not able to connect to elasticsearch from EKS cluster in different account. its throwing 403 error, when I use assumerole in the match pattern its throwing access denied error

     url "#{ENV['AWS_ELASTICSEARCH_URL']}"
     region "#{ENV['AWS_REGION']}"
     assume_role_arn "#{ENV['AWS_ASSUME_ROLE_ARN']}"
     assume_role_session_name "#{ENV['AWS_ASSUME_ROLE_NAME']}"
   </endpoint>

with assume role - error_class=Aws::STS::Errors::AccessDenied error="Access denied"

without assume role - [403] forbidden

-- user2416
aws-elasticsearch
fluentd
kubernetes

0 Answers