Support cross-account observability in AWS CloudWatch scaler #7189

@jbuck

Proposal

AWS CloudWatch supports a feature called cross-account observability, which allows querying multiple source accounts from a single monitoring account instead of needing to set up credentials for every source account. To use this feature, GetMetricData requests need to specify the AWS Account ID where the metric is located.

For KEDA this would require adding a new optional string parameter for specifying the AWS Account ID to the scaler metadata:

triggers:
  - type: aws-cloudwatch
    metadata:
      # Optional: Specify metric source AWS Account ID when using CloudWatch cross-account observability
      accountId: "012345678901"

This parameter would get plumbed through the metadata to be added to MetricDataQuery.AccountId in the scaler.

Use-Case

To use KEDA (v2.18 as of writing this issue) with multiple AWS accounts I would need to provision credentials and authentication for every metric source account. If this feature were added, I could set up a single ClusterTriggerAuthentication with credentials for a single monitoring account, reducing the setup burden on myself and users of KEDA.

We currently use this cross-account observability feature with Grafana, and it's really nice that I only needed to set up a single datasource.

Is this a feature you are interested in implementing yourself?

Yes

Anything else?

I'll take a crack at creating a PR for this feature and seeing if it really is as easy to implement as I'm claiming it is :)
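An added sketch of the plumbing proposed above, not code from the issue author or from KEDA: it reads the optional `accountId` from trigger metadata, keeps it as a string so a leading zero survives, rejects malformed values, and sets the query field only when a value is configured. The `metricDataQuery` struct is a local stand-in for the SDK's `MetricDataQuery`, and the helper names and query ID are hypothetical.

```go
package main

import (
	"fmt"
	"regexp"
)

// metricDataQuery is a local stand-in (assumption) for the two fields of the
// AWS SDK's MetricDataQuery that matter here; it is not the SDK type.
type metricDataQuery struct {
	ID        string
	AccountID *string // nil: the metric is looked up in the caller's own account
}

// AWS account IDs are exactly 12 decimal digits; leading zeros are significant,
// which is why the proposal declares the parameter as a quoted string.
var accountIDPattern = regexp.MustCompile(`^[0-9]{12}$`)

// parseAccountID (hypothetical helper) reads the optional accountId key.
// An absent or empty value yields nil; a malformed value yields an error.
func parseAccountID(metadata map[string]string) (*string, error) {
	raw, ok := metadata["accountId"]
	if !ok || raw == "" {
		return nil, nil
	}
	if !accountIDPattern.MatchString(raw) {
		return nil, fmt.Errorf("accountId %q is not a 12-digit AWS account ID", raw)
	}
	return &raw, nil
}

// buildQuery (hypothetical helper) sets AccountID only when one was configured,
// so existing single-account triggers produce the same request as before.
func buildQuery(metadata map[string]string) (metricDataQuery, error) {
	id, err := parseAccountID(metadata)
	if err != nil {
		return metricDataQuery{}, err
	}
	return metricDataQuery{ID: "q1", AccountID: id}, nil
}

func main() {
	// Constructed sample metadata, using the value from the proposal's YAML.
	q, err := buildQuery(map[string]string{"accountId": "012345678901"})
	fmt.Println(*q.AccountID, err)
	// Constructed bad input: 11 digits, as if a leading zero had been dropped.
	_, err = buildQuery(map[string]string{"accountId": "12345678901"})
	fmt.Println(err)
}
```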
