Our AWS environment has many accounts; we need to configure AWS access by assuming roles.
Our AWS environment consists of a landing zone with many accounts. We need to monitor resources across all accounts, but for security reasons we cannot have a user with access keys in each account. We could have a single user in a dedicated monitoring account, but not in all accounts.
To avoid having to use a user in each account, we want to use the assume role process so that, from a central monitoring account, (either via a user or by using the IAM role attached to the EC2 instance where the monitoring tool is deployed) we can assume monitoring roles in other accounts and retrieve monitoring metrics.
In the current setup, we have only found configurations that require one user per account, and we need to understand where we can configure the roles required to perform the assume role process.
Miguel Angel Blanco Sanz
shared this idea
Hi there,
Great news! Your idea has been approved and moved to the next stage on Paessler.
Before we can commit to developing this idea, we need more input from the community. Your idea has the potential to significantly impact our users, and getting broader feedback will help us understand its full scope and prioritize it effectively.
Here's how you can help:
- Share your idea: Encourage other Paessler users to view, comment on, and vote for your idea.
- Elaborate on your suggestion: Add more details, use cases, or examples to your idea description.
- Engage with comments: Respond to questions and suggestions from other users.
The more engagement your idea receives, the better its chances of being fully implemented.
Thanks for your continued collaboration in making Paessler even better!
Best regards,
The Paessler Product Team