If the password is visible from the prometheus UI or API's that is a major security issue.
If the password is present in the Prometheus configuration file, that is not a security issue because you can protect it with your operating system abilities. Can you please clarify? Thanks. Le sam. 27 mars 2021 à 13:05, Amit Das <[email protected]> a écrit : > Hi, > > I am looking for getting the metrics behind basic auth from url like > 192.16.10.8/metrics (with nginx auth). > > I see i can do that by adding username and password in the prometheus.yml > job. > > Prometheus URL is accessible to everyone internaly and can see the > password from the config. > From security perspective this is not good. > Can you please suggest the best approach to get metrics with basic auth > without leaking credentials like from prometheus url. > > Thanks > > -- > You received this message because you are subscribed to the Google Groups > "Prometheus Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/prometheus-users/429f1aa1-7f2e-40ea-9a13-4b574d05b2c6n%40googlegroups.com > <https://groups.google.com/d/msgid/prometheus-users/429f1aa1-7f2e-40ea-9a13-4b574d05b2c6n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/CAFJ6V0pcw1cWZDvVkh4FY_ebwOZgF-x5nMms4u%3DSRC8-e7B3tQ%40mail.gmail.com.
