Skip to content

Commit

Permalink
release 23.6.0
Browse files Browse the repository at this point in the history 
Signed-off-by: Markus Blaschke <[email protected]>
  • Loading branch information
@mblaschke
mblaschke committed Jun 12, 2023
1 parent 1ba2eb0 commit 479f861
Showing 1 changed file with 9 additions and 40 deletions.
49 changes: 9 additions & 40 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,24 +5,24 @@
[![Quay.io](https://img.shields.io/badge/Quay.io-webdevops%2Fazure--keyvault--exporter-blue)](https://quay.io/repository/webdevops/azure-keyvault-exporter)
[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/azure-keyvault-exporter)](https://artifacthub.io/packages/search?repo=azure-keyvault-exporter)

Prometheus exporter for Azure Keyvaults which exports general information and dates (created, updated, notBefore, expiry) for secrets, keys and certificates.
Prometheus exporter for Azure KeyVaults which exports general information and dates (created, updated, notBefore, expiry) for secrets, keys and certificates.

## Configuration

Normally no configuration is needed but can be customized using environment variables.

```
Usage:
azure-keyvault-exporter [OPTIONS]
Application Options:
--log.debug debug mode [$LOG_DEBUG]
--log.trace trace mode [$LOG_TRACE]
--log.devel development mode [$LOG_DEVEL]
--log.json Switch log output to json format [$LOG_JSON]
--azure.environment= Azure environment name (default: AZUREPUBLICCLOUD) [$AZURE_ENVIRONMENT]
--azure.subscription= Azure subscription ID (space delimiter) [$AZURE_SUBSCRIPTION_ID]
--azure.resourcegroup= Azure ResourceGroup [$AZURE_RESOURCEGROUP]
--azure.resource-tag= Azure Resource tags (space delimiter) (default: owner) [$AZURE_RESOURCE_TAG]
--keyvault.filter= Filter KeyVaults via ResourceGraph kusto filter, query: 'resource | ${filter} | project id' [$KEYVAULT_FILTER]
--cache.path= Cache path (to folder, file://path... or azblob://storageaccount.blob.core.windows.net/containername)
[$CACHE_PATH]
--scrape.time= Default scrape time (time.duration) (default: 5m) [$SCRAPE_TIME]
--scrape.concurrency= Defines who many Keyvaults can be scraped at the same time (default: 10) [$SCRAPE_CONCURRENCY]
--server.bind= Server address (default: :8080) [$SERVER_BIND]
Expand Down Expand Up @@ -53,44 +53,13 @@ for Azure API authentication (using ENV vars) see following documentations:

### ResourceTags handling

Tag can be dynamically added to metrics and processed though filters

format is: `tagname?filter1` or `tagname?filter1&filter2`

| Tag filter | Description |
|------------|-----------------------------|
| `toLower` | Lowercasing Azure tag value |
| `toUpper` | Uppercasing Azure tag value |
see [armclient tagmanager documentation](https://github.com/webdevops/go-common/blob/main/azuresdk/README.md#tag-manager)

### AzureTracing metrics

(with 22.2.0 and later)

Azuretracing metrics collects latency and latency from azure-sdk-for-go and creates metrics and is controllable using
environment variables (eg. setting buckets, disabling metrics or disable autoreset).

| Metric | Description |
|------------------------------------------|----------------------------------------------------------------------------------------|
| `azurerm_api_ratelimit` | Azure ratelimit metrics (only on /metrics, resets after query due to limited validity) |
| `azurerm_api_request_*` | Azure request count and latency as histogram |

#### Settings
see [armclient tracing documentation](https://github.com/webdevops/go-common/blob/main/azuresdk/README.md#azuretracing-metrics)

| Environment variable | Example | Description |
|------------------------------------------|------------------------------------|----------------------------------------------------------------|
| `METRIC_AZURERM_API_REQUEST_BUCKETS` | `1, 2.5, 5, 10, 30, 60, 90, 120` | Sets buckets for `azurerm_api_request` histogram metric |
| `METRIC_AZURERM_API_REQUEST_ENABLE` | `false` | Enables/disables `azurerm_api_request_*` metric |
| `METRIC_AZURERM_API_REQUEST_LABELS` | `apiEndpoint, method, statusCode` | Controls labels of `azurerm_api_request_*` metric |
| `METRIC_AZURERM_API_RATELIMIT_ENABLE` | `false` | Enables/disables `azurerm_api_ratelimit` metric |
| `METRIC_AZURERM_API_RATELIMIT_AUTORESET` | `false` | Enables/disables `azurerm_api_ratelimit` autoreset after fetch |
### Caching

see [prometheus collector cache documentation](https://github.com/webdevops/go-common/blob/main/prometheus/README.md#caching)

| `azurerm_api_request` label | Status | Description |
|-----------------------------|--------------------|----------------------------------------------------------------------------------------------------------|
| `apiEndpoint` | enabled by default | hostname of endpoint (max 3 parts) |
| `routingRegion` | enabled by default | detected region for API call, either routing region from Azure Management API or Azure resource location |
| `subscriptionID` | enabled by default | detected subscriptionID |
| `tenantID` | enabled by default | detected tenantID (extracted from jwt auth token) |
| `resourceProvider` | enabled by default | detected Azure Management API provider |
| `method` | enabled by default | HTTP method |
| `statusCode` | enabled by default | HTTP status code |

0 comments on commit 479f861

Please sign in to comment.