Access various AWS products such as EC2, S3, RDS and Cloudwatch to get resources such as instances, volumes, etc
AWS integration gives you ability connect with various AWS products to access AWS resources using maira commands. Maira currently supports EC2, S3, RDS and DynamoDB. More AWS products will be supported in future. Also, you can add your own integration using AWS CLI.
With RDS (mysql, postgres or mariadb drivers), you can query data from your database using standard SQL query.
To integrate with AWS, the minimum configuration you need to provide is the list or regions. The first region in the list is the default region. The rest of the configuration it loads from standard AWS environment variables or AWS configuration and credentials files. If you are using maira-agent-helm chart, you can copy these files in aws directory.
To integrate with RDS, you need to provide additional configuration for the rds host with driver selection (mysql/postgres/mariadb).
- If a password is provided in the config then Password based authentication will be done.
- If no password is provided IAM based authentication will be done.
Below is sample configuration for enabling aws integration through Helm Chart Values file
- disabled tag can be set to true to temporarily disable the service without removing the config
- tag "rds_hosts" is an optional tag which can be included if you have to work with any rds databases like mysql, postgres
Below is an example maira gateway config to enable AWS integration.
modules: - name: clutch.module.aws - name: maira_io.module.aws services: - name: clutch.service.aws typed_config: "@type": types.google.com/clutch.config.service.aws.v1.Config regions: - us-east-1 - us-west-2 - name: maira_io.service.aws typed_config: "@type": types.google.com/maira_io.config.service.maira_aws.v1.Config aws_config: regions: - us-east-1 - us-west-2 rds_hosts: mysql-host: dbName: "" endpoint: "" user: "" password: "" awsRegion: us-east-1 driver: mysql
Additional Helpful Configuration Links for using RDS integration
To use AWS IAM authentication, you have to do few things:
- Enable IAM auth for the DB - https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Enabling.html
- Create an IAM user with permission for rds-db:connect action as specified here: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.IAMPolicy.html
- Create a DB user with IAM auth in DB as specified in https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.DBAccounts.html