Observability on EKS Fargate
Discover how to design a production-ready metrics pipeline for Amazon EKS running on Fargate using open-source standards and AWS-managed services.
Download the whitepaper: Collecting Application Metrics on Amazon EKS Fargate
About us
We are passionate about the public cloud as well as the DevOps culture and practices!
We believe that the cloud is the new normal and we assist businesses to adopt the public cloud and DevOps practices.
This in-depth guide explains how to combine the AWS Distro for OpenTelemetry (ADOT), Amazon Managed Service for Prometheus (AMP), and AWS Identity and Access Management (IAM) Roles for Service Accounts (IRSA) to create a secure and scalable observability architecture - without relying on node-based DaemonSets that are unsupported in Fargate.
The whitepaper walks through architecture patterns, custom scraping configurations, multi-account observability strategies, IRSA trust models, and operational considerations for enterprise environments.
Ideal for platform engineers, DevOps teams, cloud architects, and security leaders building Kubernetes observability at scale.
What You’ll Learn?
• Why traditional node-based monitoring patterns do not apply to EKS Fargate
• How ADOT replaces Prometheus servers with a managed, scalable collector model
• How to forward metrics securely to AMP using SigV4 authentication
• How to customize Prometheus scraping for constrained frameworks (e.g., gateway/head pod routing)
• How to centralize metrics across multiple AWS accounts into a shared observability hub
• When to use ADOT + AMP vs. Fargate’s built-in log router to Amazon CloudWatch
• How to implement IRSA securely using OIDC federation and STS
Key AWS Services Covered
Amazon EKS
Runs containerized workloads on Fargate without managing nodes.
AWS Distro for OpenTelemetry
Scrapes, processes, and exports Prometheus-compatible metrics.
Amazon Managed Service for Prometheus
Provides a scalable, managed Prometheus backend.
AWS Identity and Access Management
Enables least-privilege access via IRSA and OIDC federation.
Amazon CloudWatch
Alternative metrics/log ingestion path via embedded metric format (EMF).
AWS Organizations
Supports centralized, multi-account observability architectures.
Ready to Standardize Kubernetes Observability on AWS?
Monitoring workloads on EKS Fargate requires a different architectural approach - one that adapts to ephemeral infrastructure, strict security boundaries, and multi-account governance.
At Several Clouds, we help organizations implement ADOT + AMP pipelines that are secure, scalable, and fully aligned with Prometheus and OpenTelemetry standards - while maintaining least-privilege IAM models and centralized visibility.
Whether you're operating a single production cluster or managing dozens across AWS accounts, this whitepaper provides the architecture patterns and security guardrails needed to build observability the right way - without sacrificing flexibility or control.
Book a meeting
Ready to unlock more value from your cloud? Whether you're exploring a migration, optimizing costs, or building with AI—we're here to help. Book a free consultation with our team and let's find the right solution for your goals.