Learner here. I have these AWS multi-accounts with multi-VPCs to monitor.
I would like to know how I can use Alertmanager to send alerts out if it runs in a VPC without internet access. This VPC has a filtering proxy though, or because it runs within AWS maybe we can exfiltrate via SNS or something.
Do you have any recommendations?
I am still in the design phase… After reading a lot, it seems that the best in my scenario would be:
- One Prometheus per VPC (to be close to the resources)
- Alertmanager on each Prometheus sending to Opsgenie (but some VPCs don’t have internet)
- Thanos to ship metrics to S3 for long storage and a single pane of glass for metrics
- No need for Prometheus federation because Thanos aggregates metrics
If anyone has good documentation about multi-account architecture, I am happy to read it.