From 371423cdf524979c7ec4276f16a75fee027de9bf Mon Sep 17 00:00:00 2001 From: Adam Johnson Date: Wed, 3 Jan 2018 00:33:16 +0000 Subject: [PATCH] Reintroduce AWS credential check to cloudwatch output (#3587) --- plugins/outputs/cloudwatch/cloudwatch.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/plugins/outputs/cloudwatch/cloudwatch.go b/plugins/outputs/cloudwatch/cloudwatch.go index 0c087ce57..783a21416 100644 --- a/plugins/outputs/cloudwatch/cloudwatch.go +++ b/plugins/outputs/cloudwatch/cloudwatch.go @@ -9,6 +9,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/cloudwatch" + "github.com/aws/aws-sdk-go/service/sts" "github.com/influxdata/telegraf" internalaws "github.com/influxdata/telegraf/internal/config/aws" @@ -70,7 +71,20 @@ func (c *CloudWatch) Connect() error { Token: c.Token, } configProvider := credentialConfig.Credentials() + + stsService := sts.New(configProvider) + + params := &sts.GetCallerIdentityInput{} + + _, err := stsService.GetCallerIdentity(params) + + if err != nil { + log.Printf("E! cloudwatch: Cannot use credentials to connect to AWS : %+v \n", err.Error()) + return err + } + c.svc = cloudwatch.New(configProvider) + return nil }