mirror of
https://github.com/grafana/grafana.git
synced 2024-11-22 00:47:38 -06:00
AzureMonitor: Azure settings in Grafana server config (#33728)
* Azure cloud settings * Fix typos * Grouped Azure settings * Doc fixes * Some settings are not needed * Updated cloud name aliases
This commit is contained in:
parent
6ac43130f2
commit
81ad9769fa
@ -546,6 +546,22 @@ assume_role_enabled = true
|
||||
# Specify max no of pages to be returned by the ListMetricPages API
|
||||
list_metrics_page_limit = 500
|
||||
|
||||
#################################### Azure ###############################
|
||||
[azure]
|
||||
# Azure cloud environment where Grafana is hosted
|
||||
# Possible values are AzureCloud, AzureChinaCloud, AzureUSGovernment and AzureGermanCloud
|
||||
# Default value is AzureCloud (i.e. public cloud)
|
||||
cloud = AzureCloud
|
||||
|
||||
# Specifies whether Grafana hosted in Azure service with Managed Identity configured (e.g. Azure Virtual Machines instance)
|
||||
# If enabled, the managed identity can be used for authentication of Grafana in Azure services
|
||||
# Disabled by default, needs to be explicitly enabled
|
||||
managed_identity_enabled = false
|
||||
|
||||
# Client ID to use for user-assigned managed identity
|
||||
# Should be set for user-assigned identity and should be empty for system-assigned identity
|
||||
managed_identity_client_id =
|
||||
|
||||
#################################### SMTP / Emailing #####################
|
||||
[smtp]
|
||||
enabled = false
|
||||
|
@ -533,6 +533,22 @@
|
||||
# If true, assume role will be enabled for all AWS authentication providers that are specified in aws_auth_providers
|
||||
; assume_role_enabled = true
|
||||
|
||||
#################################### Azure ###############################
|
||||
[azure]
|
||||
# Azure cloud environment where Grafana is hosted
|
||||
# Possible values are AzureCloud, AzureChinaCloud, AzureUSGovernment and AzureGermanCloud
|
||||
# Default value is AzureCloud (i.e. public cloud)
|
||||
;cloud = AzureCloud
|
||||
|
||||
# Specifies whether Grafana hosted in Azure service with Managed Identity configured (e.g. Azure Virtual Machines instance)
|
||||
# If enabled, the managed identity can be used for authentication of Grafana in Azure services
|
||||
# Disabled by default, needs to be explicitly enabled
|
||||
;managed_identity_enabled = false
|
||||
|
||||
# Client ID to use for user-assigned managed identity
|
||||
# Should be set for user-assigned identity and should be empty for system-assigned identity
|
||||
;managed_identity_client_id =
|
||||
|
||||
#################################### SMTP / Emailing ##########################
|
||||
[smtp]
|
||||
;enabled = false
|
||||
|
@ -807,6 +807,31 @@ Use the [List Metrics API](https://docs.aws.amazon.com/AmazonCloudWatch/latest/A
|
||||
|
||||
<hr />
|
||||
|
||||
## [azure]
|
||||
|
||||
Grafana supports additional integration with Azure services when hosted in the Azure Cloud.
|
||||
|
||||
### cloud
|
||||
|
||||
Azure cloud environment where Grafana is hosted:
|
||||
|
||||
| Azure Cloud | Value |
|
||||
| ------------------------------------------------ | ---------------------- |
|
||||
| Microsoft Azure public cloud | AzureCloud (*default*) |
|
||||
| Microsoft Chinese national cloud | AzureChinaCloud |
|
||||
| US Government cloud | AzureUSGovernment |
|
||||
| Microsoft German national cloud ("Black Forest") | AzureGermanCloud |
|
||||
|
||||
### managed_identity_enabled
|
||||
|
||||
Specifies whether Grafana hosted in Azure service with Managed Identity configured (e.g. Azure Virtual Machines instance). Disabled by default, needs to be explicitly enabled.
|
||||
|
||||
### managed_identity_client_id
|
||||
|
||||
The client ID to use for user-assigned managed identity.
|
||||
|
||||
Should be set for user-assigned identity and should be empty for system-assigned identity.
|
||||
|
||||
## [auth.jwt]
|
||||
|
||||
Refer to [JWT authentication]({{< relref "../auth/jwt.md" >}}) for more information.
|
||||
|
@ -13,6 +13,11 @@ import {
|
||||
SystemDateFormatSettings,
|
||||
} from '@grafana/data';
|
||||
|
||||
export interface AzureSettings {
|
||||
cloud?: string;
|
||||
managedIdentityEnabled: boolean;
|
||||
}
|
||||
|
||||
export class GrafanaBootConfig implements GrafanaConfig {
|
||||
datasources: { [str: string]: DataSourceInstanceSettings } = {};
|
||||
panels: { [key: string]: PanelPluginMeta } = {};
|
||||
@ -74,6 +79,9 @@ export class GrafanaBootConfig implements GrafanaConfig {
|
||||
customTheme?: any;
|
||||
awsAllowedAuthProviders: string[] = [];
|
||||
awsAssumeRoleEnabled = false;
|
||||
azure: AzureSettings = {
|
||||
managedIdentityEnabled: false,
|
||||
};
|
||||
|
||||
constructor(options: GrafanaBootConfig) {
|
||||
const mode = options.bootData.user.lightTheme ? 'light' : 'dark';
|
||||
|
@ -246,6 +246,10 @@ func (hs *HTTPServer) getFrontendSettingsMap(c *models.ReqContext) (map[string]i
|
||||
"expressionsEnabled": hs.Cfg.ExpressionsEnabled,
|
||||
"awsAllowedAuthProviders": hs.Cfg.AWSAllowedAuthProviders,
|
||||
"awsAssumeRoleEnabled": hs.Cfg.AWSAssumeRoleEnabled,
|
||||
"azure": map[string]interface{}{
|
||||
"cloud": hs.Cfg.Azure.Cloud,
|
||||
"managedIdentityEnabled": hs.Cfg.Azure.ManagedIdentityEnabled,
|
||||
},
|
||||
}
|
||||
|
||||
return jsonObj, nil
|
||||
|
@ -284,6 +284,9 @@ type Cfg struct {
|
||||
AWSAssumeRoleEnabled bool
|
||||
AWSListMetricsPageLimit int
|
||||
|
||||
// Azure Cloud settings
|
||||
Azure AzureSettings
|
||||
|
||||
// Auth proxy settings
|
||||
AuthProxyEnabled bool
|
||||
AuthProxyHeaderName string
|
||||
@ -900,6 +903,7 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
|
||||
|
||||
cfg.readLDAPConfig()
|
||||
cfg.handleAWSConfig()
|
||||
cfg.readAzureSettings()
|
||||
cfg.readSessionConfig()
|
||||
cfg.readSmtpSettings()
|
||||
cfg.readQuotaSettings()
|
||||
|
62
pkg/setting/setting_azure.go
Normal file
62
pkg/setting/setting_azure.go
Normal file
@ -0,0 +1,62 @@
|
||||
package setting
|
||||
|
||||
import "strings"
|
||||
|
||||
const (
|
||||
AzurePublic = "AzureCloud"
|
||||
AzureChina = "AzureChinaCloud"
|
||||
AzureUSGovernment = "AzureUSGovernment"
|
||||
AzureGermany = "AzureGermanCloud"
|
||||
)
|
||||
|
||||
type AzureSettings struct {
|
||||
Cloud string
|
||||
ManagedIdentityEnabled bool
|
||||
ManagedIdentityClientId string
|
||||
}
|
||||
|
||||
func (cfg *Cfg) readAzureSettings() {
|
||||
azureSection := cfg.Raw.Section("azure")
|
||||
|
||||
// Cloud
|
||||
cloudName := azureSection.Key("cloud").MustString(AzurePublic)
|
||||
cfg.Azure.Cloud = normalizeAzureCloud(cloudName)
|
||||
|
||||
// Managed Identity
|
||||
cfg.Azure.ManagedIdentityEnabled = azureSection.Key("managed_identity_enabled").MustBool(false)
|
||||
cfg.Azure.ManagedIdentityClientId = azureSection.Key("managed_identity_client_id").String()
|
||||
}
|
||||
|
||||
func normalizeAzureCloud(cloudName string) string {
|
||||
switch strings.ToLower(cloudName) {
|
||||
// Public
|
||||
case "azurecloud":
|
||||
case "azurepublic":
|
||||
case "azurepubliccloud":
|
||||
case "public":
|
||||
return AzurePublic
|
||||
|
||||
// China
|
||||
case "azurechina":
|
||||
case "azurechinacloud":
|
||||
case "china":
|
||||
return AzureChina
|
||||
|
||||
// US Government
|
||||
case "azureusgovernment":
|
||||
case "azureusgovernmentcloud":
|
||||
case "usgov":
|
||||
case "usgovernment":
|
||||
return AzureUSGovernment
|
||||
|
||||
// Germany
|
||||
case "azuregermancloud":
|
||||
case "azuregermany":
|
||||
case "german":
|
||||
case "germany":
|
||||
return AzureGermany
|
||||
}
|
||||
|
||||
// Pass the name unchanged if it's not known
|
||||
return cloudName
|
||||
}
|
Loading…
Reference in New Issue
Block a user