All Apps and Add-ons

add-on for AWS: how to change the STS endpoint when adding an account in private subnet?

hyugma
Explorer

Hi Experts,

Question: Anyone know how to change the STS endpoint to private VPCe Interface address when adding an account to ADD-ON for AWS during setup?  

I am trying to deploy Splunk on a VM in private subnet (no route to the internet) in a VPC in AWS, and to index data on S3 (and more later). Currently, I have set up VPC endpoint (interface) for S3 and STS, and confirmed those 2 endpoints are accessible from the VM via an account from awscli.

When I tried to add an account in add-on Account setup, add-on actually tried to talk STS through public STS which the private network does not have route to. 
I would like to change add-on configuration to have the addon talk to private STS VPCe address to complete the setup/adding an account.

If there is another way to have splunk run in a private subnet, I would like to know about it.

Any comment would be appreciated..
Thank you! 

Labels (2)
0 Karma
1 Solution

hyugma
Explorer
0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...