Skip to content

aws-cloudwatch-metrics: extend permissions, update image#1343

Open
rcanavan wants to merge 1 commit into
aws:masterfrom
rcanavan:master
Open

aws-cloudwatch-metrics: extend permissions, update image#1343
rcanavan wants to merge 1 commit into
aws:masterfrom
rcanavan:master

Conversation

@rcanavan

@rcanavan rcanavan commented Jun 30, 2026

Copy link
Copy Markdown
  • aws-cloudwatch-metrics: add list + watch permissions on endpointslices

  • aws-cloudwatch-metrics: add list + watch permissions on servi

  • ces

  • aws-cloudwatch-metrics: bump image version to the latest available

  • aws-cloudwatch-metrics: bump chart version to 0.0.12

Description of changes

With recent k8s versions (we're using 1.35 here), aws-cloudwatch metrics reports the following errors:

reflector.go:166] \"Unhandled Error\" err=\"k8s.io/client-go@v0.32.3/tools/cache/reflector.go:251: Failed to watch *v1.EndpointSlice: failed to list *v1.EndpointSlice: endpointslices.discovery.k8s.io is forbidden: User \\\"system:serviceaccount:amazon-cloudwatch:aws-cw-agent\\\" cannot list resource \\\"endpointslices\\\" in API group \\\"discovery.k8s.io\\\" at the cluster scope\" logger=\"UnhandledError\"","k8":{"pod_name":"aws-cloudwatch-metrics-8d8tj","host":"...","pod_ip":"..."},"kubernetes":{"namespace_name":"amazon-cloudwatch","container_name":"aws-cloudwatch-metrics"}}

and

reflector.go:569] k8s.io/client-go@v0.32.3/tools/cache/reflector.go:251: failed to list *v1.Service: services is forbidden User "system:serviceaccount:amazon-cloudwatch:aws-cw-agent" cannot list resource "services" in API group "" in the namespace "amazon-cloudwatch"

This pull request adds the required permissions to the ClusterRole, although I'm not sure if the list/watch services permissions should be more limited.

Additionally it updates the app and image versions to the most recent image available (currently 1.300069.0b1529).

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

* aws-cloudwatch-metrics: add list + watch permissions on endpointslices

* aws-cloudwatch-metrics: add list + watch permissions on services

* aws-cloudwatch-metrics: bump image version to the latest available

* aws-cloudwatch-metrics: bump chart version to 0.0.12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant