Is there a way to add IAM user to loki?

Hello guys :slight_smile:
I’m trying to add IAM user to loki stack, so loki can use permissions configured for that IAM user.
We have EKS cluster and I’ve deployed loki and promtail with helm chart. The problem is that loki pod cant create dynamo db table. With kubectl logs I saw which role loki pod try to use and I’ve add a policy to that role and that works now. But I don’t want to add permissions to role which is created by EKS cluster ( with terraform ). So if any has some idea, please write.
Thanks in advance.


I would suggest using Kubernetes serviceaccounts with IAM role annotations if you are using EKS. It works well. See the docs linked below.