S3 upload using EC2 metadata credentials


I have installed Grafana version 4.1.1 on an AWS EC2 instance. I want to configure the grafana server to upload images to S3 (for alerts & chat), and I want to avoid configuring in a SecretKey & AccessKey (instead having grafana pick it up from the Ec2Metadata service).

From looking at the s3uploader code, I can see that it already includes the use of a ChainCredential construct to chain the StaticProvider → EnvProvider → Ec2RoleProvider.

Doesnt this mean that if the AccessKey and SecretKey are not provided the authentication should chain down to using the EC2RoleProvider?

What I am observing though is:

  1. if I do not specify the Secret & Access keys, then the image upload fails indicating that those configurations are not provided
  2. if I give an incorrect value for the Secret & Access key, then the authentication to AWS fails indicating invalid access key.

My question: How do I force/specify grafana to use the Ec2MetadataProvider to authenticate to AWS?


Strange, if you leave those options emtpy you get an error?


4.1.1 doesn’t support EC2RoleProvider.

Please try 4.2.0.