Click the Start a free trial link to start a 15-day SaaS trial of our product and join our community as a trial user. If you are an existing customer do not start a free trial.
AppDynamics customers and established members should click the sign in button to authenticate.
Need help to understand the requirement of "api-user" (Controller local User) with administrative rights for auto instrumentation using cluster agent on EKS. We have installed the cluster agent successfully into our EKS cluster and it is reporting data properly, now we are planning to achieve auto instrumentation of all the containers/pods running. While going through the documentation I found that there is a requirement to create a local user with an administrator role.
I don't want to provide a local user with admin rights to the application team due to security concerns, Kindly suggest what else we can do here.
Also, why AppDynamics is not using "API Client" token-based authentication instead of the user?
Solved! Go to Solution.
Can you share the link to the Docs page you grabbed that screenshot from? I'll share it with the Docs team to get some clarity.
Ryan, Cisco AppDynamics Community Manager
Found something helpful? Click the Accept as Solution button to help others find answers faster.
Liked something? Click the Thumbs Up button.
Check out Observabiity in Action
new deep dive videos weekly in the Knowledge Base.
hi @Ryan.Paredez , thanks for quick response. the link I took the screenshot is Auto-Instrument Applications with the Cluster Agent (appdynamics.com).
the thing that really upsets me are:
- why username and password when appdynamics have api tokens
- why the docs says Administrator
actually the screenshot is from here Install the Cluster Agent with Helm Charts (appdynamics.com) and the information about "local Administrator access" is from here Auto-Instrument Applications with the Cluster Agent (appdynamics.com).
You can skip the step where it is asking for an Admin user. I did the agent installation without the Admin user and everything is working fine except when a container stopped working it will still appear in the tiers and node tab as a disconnected node. Either you can delete it manually or wait for some time and it will be deleted automatically (Historical and Disconnected Nodes - https://docs.appdynamics.com/appd/22.x/22.1/en/application-monitoring/administer-app-server-agents/h...)
Admin user only helps in cleaning the disconnected nodes automatically as soon as a container is stopped/deleted Cluster Agent (With Admin User) will also delete it from AppDynamics immediately that's all it does.
Yes, it's very disappointing that the product has Client API functionality where we can use API tokens for providing more secure integrations but it still asks for the User ID. The same is the case with Dexter also.
thanks a lot for the information!! I`m absolutely sure my appdynamics administrators wont be happy with a bunch of dead pods on the system. but it`s not my problem right? its a flaw on the product. I was able to instrument without administrator access as well.
> Yes, it's very disappointing that the product has Client API functionality where we can use API tokens for providing more secure integrations but it still asks for the User ID. The same is the case with Dexter also.
we surely expect more from a really really really really really really really really really really really really really really expensive product like appdynamics!