Using --web.config-file you can make Prometheus require HTTP Basic Authentication (basic_auth_users) or TLS client certificate authentication (client_auth_type, client_ca_file, client_allowed_sans).
See: https://prometheus.io/docs/prometheus/latest/configuration/https/#https-and-authentication If you want this to happen only for certain endpoints like remote_write, then you'll need to bind prometheus to 127.0.0.1 and run a reverse proxy in front of it with whatever authorization policy you want. On Monday 29 January 2024 at 10:45:12 UTC Siradj Eddine Fisli wrote: > I have two prometheus instances , one is in agent mode remote writing > metrics to the second one, i want to add authentication mechanism, also i > am using kube-prometheus-stack. is there any solution ? > also prometheus is accessible via https, i configured that using > cert-manager and letsencrypt. -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/ef65060b-caea-4fb6-b4f2-12af9d041aa6n%40googlegroups.com.
