Getting UnauthorizedOperation error

[genieai-vikas]

Thank you for the project. I deployed as per your documentation but got this error

caller=ec2.go:170 component="discovery manager scrape" discovery=ec2 msg="Refresh failed" err="could not describe instances: UnauthorizedOperation: You are not authorized to perform this operation.\n\tstatus code: 403, request id:

Could you let me know how to solve this issue please.

This is my prometheus.yml

global:
  scrape_interval: 5s
  external_labels:
    monitor: 'devopsage-monitor'
scrape_configs:
  - job_name: 'prometheus'
    static_configs:
    - targets: ['localhost:9090'] ## IP Address of the localhost
  - job_name: 'ec2_aws_node_exporter_discovery'
    ec2_sd_configs:
      - port: 9100 # referred to nodeExporter exposed port
        # role_arn: arn:aws:iam::637677790xxx:role/ecsInstanceRole
        filters:
        - name: tag:monitoring
          values:
          - prometheus
  - job_name: ecs_CAdvisor
    ec2_sd_configs:
      - port: 9200 # referred to cAdvisor exposed port
        # role_arn: arn:aws:iam::637677790xxx:role/ecsInstanceRole
        filters:
        - name: tag:monitoring
          values:
          - prometheus

[santosh-at-github]

Looks like the IAM Role used here do not have sufficient permission for describe instances due to which you are seeing above error. Deploy the project again (if you have removed it) and the take a look at your CloudTrail log, look for API with error code UnauthorizedOperation and see which component is generating the API and it is assuming which role and the provide necessary permission to that role. That should fix the issue.