Skip to content

Commit

Permalink
[processor/resourcedetectionprocessor] mention required permissions (#…
Browse files Browse the repository at this point in the history 
…24005)

Mention required permission in readme

Signed-off-by: Benedikt Bongartz <bongartz@klimlive.de>
  • Loading branch information
@frzifus
frzifus authored Jul 6, 2023
1 parent 751c2e1 commit fb71b6b
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions processor/resourcedetectionprocessor/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -425,6 +425,17 @@ Queries the OpenShift and Kubernetes API to retrieve the following resource attr
* cloud.region
* k8s.cluster.name

The following permissions are required:
```yaml
kind: ClusterRole
metadata:
name: otel-collector
rules:
- apiGroups: ["config.openshift.io"]
resources: ["infrastructures"]
verbs: ["get", "watch", "list"]
```

By default, the API address is determined from the environment variables `KUBERNETES_SERVICE_HOST`, `KUBERNETES_SERVICE_PORT` and the service token is read from `/var/run/secrets/kubernetes.io/serviceaccount/token`.
If TLS is not explicit disabled and no `ca_file` is configured `/var/run/secrets/kubernetes.io/serviceaccount/ca.crt` is used.
The determination of the API address, ca_file and the service token is skipped if they are set in the configuration.
Expand Down

0 comments on commit fb71b6b

Please sign in to comment.