How can we correctly configure Loki helm values file when using IRSA to access s3 bucket?

robelfesshaye · March 22, 2023, 1:45pm

We are deploying Loki using helm in our EKS cluster and in the values file (i.e. loki/values.yaml at main · grafana/loki · GitHub), there is a section where we should insert AWS access and secret keys. What would these two values be if we want to use AWS IRSA IAM roles for service accounts? We left them as null and loki is throwing WebIdentityErr: failed to retrieve credentials error. The section I am referring is:

  storage:
    bucketNames:
      chunks: BUCKET
      ruler: BUCKET
      admin: BUCKET
    type: s3
    s3:
      s3: s3://REGION/BUCKET
      endpoint: s3.REGION.amazonaws.com
      region: REGION 
      secretAccessKey: null
      accessKeyId: null
      s3ForcePathStyle: false
      insecure: false
      http_config: {}

type or paste code here

robelfesshaye · March 25, 2023, 12:52am

This issue is solved. Now IRSA for loki-scalable is working for me and everything is documented here: Loki not writing anything to AWS S3 and no failure logs · Issue #8152 · grafana/loki · GitHub

system · March 24, 2024, 12:53am

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Storing s3 accessKeyID and secretAccessKey securely Grafana Loki configuration , kubernetes , helm	10	2901	October 7, 2024
Grafana + Loki-Distributed + Promtail on EKS Configuration loki	0	696	November 9, 2023
Provide S3 credentials using environment variables Grafana Loki loki , helm	8	2008	August 6, 2024
Loki complains about S3 bucket Grafana	5	4581	April 1, 2022
S3 endpoint with simple scalable deployment with Helm Grafana Loki loki , helm	4	2097	July 11, 2023

How can we correctly configure Loki helm values file when using IRSA to access s3 bucket?

Related topics