Using the CloudWatch Logging add-on with ROSA STS Clusters
Issue
- ROSA clusters installed using the Security Token Service (STS) workflow do not have the ability to create the long-lived IAM credentials necessary for the Logging add-on to properly authenticate with AWS CloudWatch.
-
The following message is shown in the
clusterlogforwarder
resource when installing the Logging add-on in ROSA cluster with STS:invalid: unrecognized outputs: [cloudwatch], no valid outputs
Environment
- Red Hat OpenShift Service on AWS (ROSA)
- 4
- Red Hat OpenShift Dedicated (OSD)
- 4
- AWS Security Token Service (STS)
- Logging add-on for Amazon CloudWatch
- Red Hat OpenShift Logging (RHOL)
- 5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.