I have created a custom docker custom using Grafana 7.3.4, and deployed on AWS ECS. I am accessing through a load balancer (ELB) using http ; ELB port 80 forwarded to port 3000 of ECS instance. I created custom image to include various custom settings e.g. email server which is not possible with standard grafana docker image.
However, when I try to configure a CloudWatch datasoure it is not working. In Graana log, I see this-
t=2021-01-27T18:43:12+0000 lvl=dbug msg=“Querying for data source via SQL store” logger=datasources id=15 orgId=1
t=2021-01-27T18:43:12+0000 lvl=dbug msg=“Authenticating towards AWS with an access key pair” logger=tsdb.cloudwatch region=eu-west-1
t=2021-01-27T18:43:12+0000 lvl=dbug msg=“Successfully created AWS session” logger=tsdb.cloudwatch
t=2021-01-27T18:43:12+0000 lvl=eror msg=“Metric request error” logger=context userId=2 orgId=1 uname=sysadmin error=“failed to call cloudwatch:ListMetrics: RequestError: send request failed\ncaused by: Post “https://monitoring.eu-west-1.amazonaws.com/”: x509: certificate signed by unknown authority” remote_addr=“184.108.40.206, 220.127.116.11”
t=2021-01-27T18:43:12+0000 lvl=eror msg=“Request Completed” logger=context userId=2 orgId=1 uname=sysadmin method=POST path=/api/tsdb/query status=500
It appears it could establish session using AWS Access Key and Secret used; but then call to CloudWatch API errors out due to certificate issue.
How to resolve this? Can configure my grafana docker image to skip SSL verification when calling CloudWatch API?
Thanks in advance for any help.