-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
26 changed files
with
140 additions
and
0 deletions.
There are no files selected for viewing
Binary file added
BIN
+105 KB
...ing-started-amazon-managed-grafana-workspace/images/add-one-more-permission.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+149 KB
...tting-started-amazon-managed-grafana-workspace/images/add-permission-please.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+384 KB
...ost/getting-started-amazon-managed-grafana-workspace/images/amg-hello-world.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+160 KB
...nt/post/getting-started-amazon-managed-grafana-workspace/images/amg-options.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+129 KB
...ted-amazon-managed-grafana-workspace/images/click-continue-with-recommended.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+95.1 KB
...-amazon-managed-grafana-workspace/images/click-continue-without-recommended.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+129 KB
.../getting-started-amazon-managed-grafana-workspace/images/click-enable-click.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+148 KB
...nt/post/getting-started-amazon-managed-grafana-workspace/images/error-again.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+111 KB
...g-started-amazon-managed-grafana-workspace/images/exodia-managed-permission.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+129 KB
...amazon-managed-grafana-workspace/images/failed-with-insufficient-permission.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+147 KB
.../getting-started-amazon-managed-grafana-workspace/images/get-stuck-in-step2.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+129 KB
content/post/getting-started-amazon-managed-grafana-workspace/images/image.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+116 KB
.../getting-started-amazon-managed-grafana-workspace/images/just-click-console.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+95.5 KB
...t/post/getting-started-amazon-managed-grafana-workspace/images/my-first-amg.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+140 KB
...ed-amazon-managed-grafana-workspace/images/need-more-permission-to-ams-prom.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+103 KB
content/post/getting-started-amazon-managed-grafana-workspace/images/retry.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+135 KB
.../post/getting-started-amazon-managed-grafana-workspace/images/step1-ws-name.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+105 KB
...t/getting-started-amazon-managed-grafana-workspace/images/step2-create-user.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+140 KB
...st/getting-started-amazon-managed-grafana-workspace/images/step2-enable-sso.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+134 KB
...arted-amazon-managed-grafana-workspace/images/stern-warning-not-recommended.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+96.6 KB
...ng-started-amazon-managed-grafana-workspace/images/update-sso-configuration.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+133 KB
.../post/getting-started-amazon-managed-grafana-workspace/images/use-saml-auth.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+143 KB
...ost/getting-started-amazon-managed-grafana-workspace/images/what-to-do-next.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+131 KB
...t/getting-started-amazon-managed-grafana-workspace/images/workspace-created.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+74.9 KB
.../getting-started-amazon-managed-grafana-workspace/images/you-are-not-allowe.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
140 changes: 140 additions & 0 deletions
140
content/post/getting-started-amazon-managed-grafana-workspace/index.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,140 @@ | ||
| --- | ||
| date: 2024-11-02T21:43:00+09:00 | ||
| title: "시작하세요, Amazon Managed Grafana Workspace" | ||
| tags: | ||
| - aws | ||
| - grafana | ||
| authors: | ||
| - name: kkumtree | ||
| bio: plumber for infra | ||
| email: [email protected] | ||
| launchpad: mscho7969 | ||
| github: kkumtree | ||
| profile: https://avatars.githubusercontent.com/u/52643858?v=4 | ||
| image: cover.png | ||
| draft: true # 글 초안 여부 | ||
| --- | ||
|
|
||
| [Monitoring CoreDNS in EKS with AMG](https://blog.mincloud.io/post/kans-9w-monitoring-codedns-in-eks-with-amg/)의 pre-requisite로, Amazon Managed Grafana Workspace를 간단히 만들어보았습니다. | ||
|
|
||
| 당연히 거의 4년이 다되가니 [Amazon Managed Grafana – Getting Started](https://aws.amazon.com/blogs/mt/amazon-managed-grafana-getting-started/)와는 다른 인터페이스를 확인할 수 있었습니다. | ||
|
|
||
| 현재 제 권한으로는 Organization을 생성할 수 없어서, Workspace만 생성해보았습니다. | ||
| 즉, ~~매우~~ 느슨한 권한으로 Workspace를 만들어주겠다 이것입니다. | ||
|
|
||
| ## 1. '딸깍'으로 시작하기 | ||
|
|
||
| - Getting Started with `딸깍` | ||
|
|
||
|  | ||
|
|
||
| - 이름만 짓고, 넘어가 보겠습니다. | ||
|
|
||
|  | ||
|
|
||
| - AWS ~~IIC~~ IAM Identity Center (구, AWS SSO)를 활용하겠습니다. | ||
| - ~~신경써야할게 많네요~~ | ||
|
|
||
|  | ||
|
|
||
| - 딸~깍, 유저를 만들어봅시다. | ||
|
|
||
|  | ||
|
|
||
| - YEO-EUK-SHI... 될리가 없지요. IAM Identity Center 활성화부터 해야겠네요. | ||
|
|
||
|  | ||
|
|
||
| ## 2. IAM Identity Center 활성화 시도 | ||
|
|
||
| > 보통, 이때 조금 망했다는 생각이 들기 시작하죠 | ||
| - `IAM Identity Center` 메뉴에서 Enable을 `딸깍` 합니다. | ||
|
|
||
|  | ||
|
|
||
| - `Recommended` 싫은데요! 난 다른거 할 건데요! 하면 경고 엄청 날립니다. | ||
|
|
||
|  | ||
|
|
||
| ```txt | ||
| - Users, groups, and AWS managed applications are isolated to this account instance. | ||
| - 선택지 그대로, 현재 로그인한 계정에 격리된다고 합니다. | ||
| - This account instance doesn't support granting users and groups access to - AWS accounts in an AWS organization. | ||
| - AWS Org.에 속한 계정에 권한 부여 안된다고 합니다. | ||
| - This account instance can't be upgraded to become an organization instance. | ||
| - `Recommended` 선택지로 업그레이드 안된다고 합니다. | ||
| ``` | ||
|
|
||
| - 알았어, 알았다고. 왼쪽을 선택하고 `Continue`를 `딸깍` | ||
|
|
||
|  | ||
|
|
||
| - 아 맞다, 주인님 허가 맡아야하지... | ||
|
|
||
|  | ||
|
|
||
| - 이미 경고 숙지했으니, 오른쪽 선택지로 `Continue`를 `딸깍` | ||
| - 한 5~10초 가량 소요 | ||
|
|
||
|  | ||
|
|
||
| - 이제 뭘해야할까... ~~이대로 되는 것일까...~~ | ||
|
|
||
|  | ||
|
|
||
| - 다시 시도! | ||
|
|
||
|  | ||
|
|
||
| - `UpdateSsoConfiguration` 권한 넣으라는 엄중한 지시... | ||
| - 애당초, 안되는 것 같아보이는데... | ||
|
|
||
|  | ||
|
|
||
| - 에라, Document 소환! | ||
| - Docs: [Use AWS IAM Identity Center with your Amazon Managed Grafana workspace](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG-SSO.html) | ||
|
|
||
| - 아래 권한을 제게 다 넣어보겠습니다. | ||
| - AWSGrafanaAccountAdministrator | ||
| - AWSSSOMasterAccountAdministrator | ||
| - AWSOrganizationsFullAccess | ||
| - AWSSSODirectoryAdministrator | ||
|
|
||
|  | ||
|
|
||
| - 또 안되서, 인라인 하나만 넣어보고 안되면 던져야겠습니다. | ||
|
|
||
|  | ||
|
|
||
| - 아 그냥 안되는 거였네요. 일단 넘어가야겠네요. | ||
|
|
||
|  | ||
|
|
||
| ## 3. SAML-based AMG | ||
|
|
||
| - SAML 인증으로 선택해보고 계속 생성시도 해보겠습니다. | ||
|
|
||
|  | ||
|
|
||
| - 다른 옵션은 아래와 같습니다. | ||
|
|
||
|  | ||
|
|
||
| - 경고가 아찔한데... | ||
|
|
||
|  | ||
|
|
||
| - Docs: [Amazon Managed Grafana permissions and policies for AWS data sources](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html#AMG-service-managed-account) | ||
|
|
||
|  | ||
|
|
||
| - 에러는 없애지 못했지만, 워크스페이스 자체는 생성이 되었습니다. ~~찜찜~~ | ||
|
|
||
|  | ||
|
|
||
|  | ||
|
|
||
| ## 4. SAML 설정 | ||
|
|
||
| SAML해야해서 종료 |