Install the EKS add-on with secure token handling

Deploy the Splunk Distribution of the OpenTelemetry Collector Amazon EKS add-on onto an Amazon EKS cluster.

  1. Subscribe to the add-on in AWS Marketplace.

    In your AWS Marketplace, ensure that:

    • You have sufficient permissions in your AWS account to enable this add-on.

    • Complete the subscription process in the AWS console. Go to the AWS Marketplace Page to add the Splunk Distribution of the OpenTelemetry Collector Amazon EKS add-on to your AWS account.

  2. Meet the following prerequisites:
    Credentials
    Make sure you have credentials for Splunk Observability Cloud or Splunk Platform.
    Destination requirements

    Splunk Observability Cloud

    Splunk Platform (Splunk Enterprise or Splunk Cloud):

  3. Add the add-on to your EKS clusters.

    You can use eksctl, the AWS Management Console, or the AWS CLI. Follow the steps in the Amazon EKS user guide.

  4. Configure the add-on with improved security.

    Create a YAML file tailored to your Splunk set-up. You can use the YAML samples below, replacing placeholder values with your specific configuration details.

    CAUTION: For security reasons, avoid including tokens or any sensitive data in the configuration file, as EKS add-on configurations are exposed within the EKS web console.
    Note: For more specific configuration information, see Install the Collector for Kubernetes using Helm.
    Splunk Observability Cloud
    YAML 
    splunkObservability:
    realm: your-splunk-realm
clusterName: your-eks-cluster-name
cloudProvider: aws
distribution: eks

secret:
    create: false
    name: splunk-otel-collector
    validateSecret: false
    Splunk Platform

    For Splunk Platform, create a splunkObservability section but set splunkObservability.accessToken and splunkObservability.realm to empty strings as in the example below.

    YAML 
    splunkPlatform:
  endpoint: http://localhost:8088/services/collector
  token: your-hec-token
clusterName: your-eks-cluster-name
cloudProvider: aws
distribution: eks

splunkObservability:
  accessToken: ""
  realm: ""
  5. Add your secret and deploy.

    Deploy the secret into the Splunk monitoring namespace by applying a YAML file, or by using the kubectl command.

    YAML

    To deploy the secret, use a distinct Kubernetes secret YAML file with sensitive tokens, separate from the add-on configuration YAML.

    Use the command:

    DEFAULT 
    kubectl apply -f splunk-otel-collector-secret.yaml

    Here's a template for the secret YAML file:

    YAML 
    apiVersion: v1
kind: Secret
metadata:
    name: splunk-otel-collector
    namespace: splunk-monitoring
type: Opaque
data:
    splunk_observability_access_token: your-splunk-access-token 
    splunk_platform_hec_token: your-hec-token  # Add this line only if using with splunkPlatform
    kubectl

    Create a secret using a kubectl command:

    For splunkObservability:

    YAML 
    kubectl create secret generic splunk-otel-collector \
    --from-literal=splunk_observability_access_token=your-splunk-access-token \
    -n splunk-monitoring

    Replace your-splunk-access-token with your actual Splunk Observability Cloud access token.

    For splunkPlatform:

    YAML 
    kubectl create secret generic splunk-otel-collector \
    --from-literal=splunk_platform_hec_token=your-hec-token \
    -n splunk-monitoring

    Replace your-hec-token with your actual Splunk Platform HEC token.

  6. Wait for the Collector to detect your secret and start running successfully.