Using different Cloudwatch Endpoints

Does Grafana support the use of different endpoints for Security Token Service and CloudWatch in order to configure the CloudWatch data source for non-public AWS cloud (aka C2S)?

monitoring.us-east-1.amazonaws.com
https://sts.amazonaws.com/

Any solution to this?

Hello,

I’m facing the same need.

My Grafana server is in a non internet facing VPC.

I’m trying to monitor several AWS accounts by creating several Cloudwatch data source using custom role ARNs to assume for each account.

The problem is that the request goes to sts.amazonaws.com directly, preventing the possibility to use STS regional endpoints (like sts.eu-west-1.amazonaws.com using STS VPC endpoints).

If I configure the proxy settings to allow initial call to pass (and adding NO_PROXY=169.254.169.254), then it would workd but ideally, we don’t need to go through internet.

Thank you