Add support for AWS Elasticsearch Service by signing request properly. #310
Conversation
Credentials are gathered from auth configuration, AWS access key maps to username and AWS secret maps to password configs AWS Region is infered from host name
| @@ -324,7 +324,8 @@ class HTTPElasticClient @Inject()(client: WSClient) extends ElasticClient { | |||
| val request = | |||
| authentication.foldLeft(client.url(url).withMethod(method).withHttpHeaders(headers: _*)) { | |||
| case (request, auth) => | |||
| request.withAuth(auth.username, auth.password, WSAuthScheme.BASIC) | |||
There was a problem hiding this comment.
could we keep basic auth? and possibly add aws so config would look like:
{
host = "https://some-aws-es-domain"
name = "AWS ES Cluster"
aws = {
access_key = "access"
secrety_key = "secret"
}
}
BTW, its working as expected :) but cannot be mixed with basic auth
There was a problem hiding this comment.
Agree here. Specially if the AWS credentials are gonna be provided through an instance profile
|
sorry for the very long delay. I will try to take a look at this soon 👍 |
|
This is pretty useful and deserves a separate config keyword to have both auth and aws credentials. |
|
Hey, can you help me with the build instructions for the source code. I am trying to build the source code and getting in unresolved dependencies. BTW I am new to scala. Your help is very much appreciated. |
|
+1 for this feature. @lmenezes what is missing to bump a version with this feature? |
|
|
||
| object AwsSigner { | ||
|
|
||
| def sing(method: String, url: String, headers: Seq[(String, String)], body: Option[String], secret: String, key: String) : Seq[(String, String)] = { |
There was a problem hiding this comment.
I think this method should be: sign and not sing, right?
There was a problem hiding this comment.
You are right. Should I fix it and do another PR?
There was a problem hiding this comment.
In fact, I don't know, because this PR is open for so long. Did you build a docker image from your branch? if so, could share it with us, meanwhile they don't merge your PR.
|
How would this work with the AWS credential provider chain? Like if the basic auth for cerebro differs from AWS keys, and the latter won't be provided since it might be picked up from the env vars, instance profile... https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html |
|
this PR has been open for a very long time, whats up ? |
|
Hi, any news about it? |
|
News? |
|
credentials can be taken from the associated profile ... this endpoint is available at any EC2 instance |
Credentials are gathered from auth configuration, AWS access key maps to username and AWS secret maps to password configs
AWS Region is infered from host name