New to Linkerd. I was deploying Helm charts that were using linkerd-viz release stable-2.12.x and I was able to access the provided Prometheus server without a problem. Now, if I deploy any Helm chart that is using linkerd-viz release stable-2.13.x, I get a 403 Forbidden error when trying to access the provided Prometheus server.
As additional info, the control-plane is running stable-2.13.5.
I’m assuming this is some sort of new/changed authorization policy, but have no clue as to what I should modify or add. Any assistance would be greatly appreciated. Thanks.
By default, Linkerd-viz’s Prometheus is locked down so that it can only be accessed by the metrics-api service account:
You can create more AuthorizationPolicy resources to allow access from other service accounts or subnets. For more details on how AuthorizationPolicies work, see: Authorization Policy | Linkerd