Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for proxy authentication for s3 and ec2 #15352

Merged
merged 1 commit into from Dec 11, 2015

Conversation

Projects
None yet
3 participants
@dadoonet
Copy link
Member

commented Dec 9, 2015

Backport of #15293 in 2.x branch

When using S3 or EC2, it was possible to use a proxy to access EC2 or S3 API but username and password were not possible to be set.

This commit adds support for this. Also, to make all that consistent, proxy settings for both plugins have been renamed:

  • from cloud.aws.proxy_host to cloud.aws.proxy.host
  • from cloud.aws.ec2.proxy_host to cloud.aws.ec2.proxy.host
  • from cloud.aws.s3.proxy_host to cloud.aws.s3.proxy.host
  • from cloud.aws.proxy_port to cloud.aws.proxy.port
  • from cloud.aws.ec2.proxy_port to cloud.aws.ec2.proxy.port
  • from cloud.aws.s3.proxy_port to cloud.aws.s3.proxy.port

New settings are proxy.username and proxy.password.

cloud:
    aws:
        protocol: https
        proxy:
            host: proxy1.company.com
            port: 8083
            username: myself
            password: theBestPasswordEver!

You can also set different proxies for ec2 and s3:

cloud:
    aws:
        s3:
            proxy:
                host: proxy1.company.com
                port: 8083
                username: myself1
                password: theBestPasswordEver1!
        ec2:
            proxy:
                host: proxy2.company.com
                port: 8083
                username: myself2
                password: theBestPasswordEver2!

Note that password is filtered with SettingsFilter.

We also fix a potential issue in S3 repository. We were supposed to accept key/secret either set under cloud.aws or cloud.aws.s3 but the actual code never implemented that.

It was:

account = settings.get("cloud.aws.access_key");
key = settings.get("cloud.aws.secret_key");

We replaced that by:

String account = settings.get(CLOUD_S3.KEY, settings.get(CLOUD_AWS.KEY));
String key = settings.get(CLOUD_S3.SECRET, settings.get(CLOUD_AWS.SECRET));

Also, we extract all settings for S3 in AwsS3Service as it's already the case for AwsEc2Service class.

Related to #15268.

Add support for proxy authentication for s3 and ec2
Backport of #15293 in 2.x branch

When using S3 or EC2, it was possible to use a proxy to access EC2 or S3 API but username and password were not possible to be set.

This commit adds support for this. Also, to make all that consistent, proxy settings for both plugins have been renamed:

* from `cloud.aws.proxy_host` to `cloud.aws.proxy.host`
* from `cloud.aws.ec2.proxy_host` to `cloud.aws.ec2.proxy.host`
* from `cloud.aws.s3.proxy_host` to `cloud.aws.s3.proxy.host`
* from `cloud.aws.proxy_port` to `cloud.aws.proxy.port`
* from `cloud.aws.ec2.proxy_port` to `cloud.aws.ec2.proxy.port`
* from `cloud.aws.s3.proxy_port` to `cloud.aws.s3.proxy.port`

New settings are `proxy.username` and `proxy.password`.

```yml
cloud:
    aws:
        protocol: https
        proxy:
            host: proxy1.company.com
            port: 8083
            username: myself
            password: theBestPasswordEver!
```

You can also set different proxies for `ec2` and `s3`:

```yml
cloud:
    aws:
        s3:
            proxy:
                host: proxy1.company.com
                port: 8083
                username: myself1
                password: theBestPasswordEver1!
        ec2:
            proxy:
                host: proxy2.company.com
                port: 8083
                username: myself2
                password: theBestPasswordEver2!
```

Note that `password` is filtered with `SettingsFilter`.

We also fix a potential issue in S3 repository. We were supposed to accept key/secret either set under `cloud.aws` or `cloud.aws.s3` but the actual code never implemented that.

It was:

```java
account = settings.get("cloud.aws.access_key");
key = settings.get("cloud.aws.secret_key");
```

We replaced that by:

```java
String account = settings.get(CLOUD_S3.KEY, settings.get(CLOUD_AWS.KEY));
String key = settings.get(CLOUD_S3.SECRET, settings.get(CLOUD_AWS.SECRET));
```

Also, we extract all settings for S3 in `AwsS3Service` as it's already the case for `AwsEc2Service` class.

Related to #15268.
@dadoonet

This comment has been minimized.

Copy link
Member Author

commented Dec 9, 2015

@imotov Could you review this please? It's the backported version of #15293 you already reviewed. Thanks!

@imotov

This comment has been minimized.

Copy link
Member

commented Dec 10, 2015

LGTM

@imotov imotov removed their assignment Dec 10, 2015

@imotov imotov removed the review label Dec 10, 2015

@dadoonet dadoonet merged commit cd788a3 into elastic:2.x Dec 11, 2015

1 check passed

CLA Commit author is a member of Elasticsearch
Details

@dadoonet dadoonet deleted the dadoonet:backport/15293-aws-proxy branch Dec 30, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.