This is the solution for accessing your ES cluster if you have configured access policies for the domain. AWS ElasticSearch/Kibana Proxy with authentication to access your AWS ES cluster.
Forked/Enhanced version from commit 2c4374c by Santthosh Selvadurai. Also refer to Loading Credentials in Node.js from the Shared Credentials File.
Install the npm module
npm install -g aws-es-proxy-node
Make sure you have credential profile in ~/.aws/credentials
AWS_PROFILE=saml aws-es-proxy-node <cluster-endpoint>
Alternatively, you can set AWS credentials
export AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXXXXX
export AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXXX
export AWS_SESSION_TOKEN=XXXXXXXXXXXXXXXXXXX
aws-es-proxy-node <cluster-endpoint>
Where cluster-endpoint is a hostname (i.e. search-xxxxx.us-east-1.es.amazonaws.com, do not include the http
or https
).
Example with multiple cluster-endpoints and ports:
aws-es-proxy-node\
-e endpointe.us-east-1.es.amazonaws.com\
-e endpoint4.us-east-1.es.amazonaws.com\
-f saml\
-p 9201
Get help instruction:
aws-es-proxy-node --help
usage: index [options] <aws-es-cluster-endpoint>
Options:
-e, --endpoint the es address(es) to bind [string]
-b, --bind-address the ip address to bind to [string] [default: "127.0.0.1"]
-p, --port the port to bind to [number] [default: 9200]
-r, --region the region of the Elasticsearch cluster [string]
-u, --user the username to access the proxy [default: "lgong200"]
-a, --password the password to access the proxy
-s, --silent remove figlet banner [default: false]
-H, --health-path URI path for health check [string]
-l, --limit request limit [default: "10000kb"]
-f, --aws-profile request aws profile [default: "saml"]
--help Show help [boolean]
--version Show version number [boolean]
Forked from this Santthosh Selvadurai
Adopted from this gist. Thanks @nakedible-p