From 610d9a70a19a546134882c2e30efbcf98a62249a Mon Sep 17 00:00:00 2001
From: David Pilato <david@pilato.fr>
Date: Tue, 5 Aug 2014 12:28:46 +0200
Subject: [PATCH] Switch to https communication for Amazon APIs by default

We should use `https` by default instead of `http` for communication between elasticsearch and AWS API.

Note that it can be modified in case of trouble and fallback to the older setting using `cloud.aws.protocol: http`

Closes #109.
---
 README.md                                                | 9 ++++-----
 .../java/org/elasticsearch/cloud/aws/AwsEc2Service.java  | 2 +-
 .../elasticsearch/cloud/aws/InternalAwsS3Service.java    | 8 ++++----
 3 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md
index 76440f6b6b1..a90e0b158bc 100644
--- a/README.md
+++ b/README.md
@@ -44,19 +44,18 @@ cloud:
 
 ### Transport security
 
-By default this plugin uses HTTP for all API calls to AWS endpoints. If you wish to configure HTTPS you can set 
+By default this plugin uses HTTPS for all API calls to AWS endpoints. If you wish to configure HTTP you can set 
 `cloud.aws.protocol` in the elasticsearch config. You can optionally override this setting per individual service 
 via: `cloud.aws.ec2.protocol` or `cloud.aws.s3.protocol`. 
 
 ```
 cloud:
     aws:
-        protocol: http
+        protocol: https
         s3: 
-            protocol: https
-        ec2: 
             protocol: http
-
+        ec2: 
+            protocol: https
 ```
 
 ### Region
diff --git a/src/main/java/org/elasticsearch/cloud/aws/AwsEc2Service.java b/src/main/java/org/elasticsearch/cloud/aws/AwsEc2Service.java
index 6499ee0e29f..fc5093625b7 100644
--- a/src/main/java/org/elasticsearch/cloud/aws/AwsEc2Service.java
+++ b/src/main/java/org/elasticsearch/cloud/aws/AwsEc2Service.java
@@ -60,7 +60,7 @@ public class AwsEc2Service extends AbstractLifecycleComponent<AwsEc2Service> {
         }
 
         ClientConfiguration clientConfiguration = new ClientConfiguration();
-        String protocol = componentSettings.get("protocol", "http").toLowerCase();
+        String protocol = componentSettings.get("protocol", "https").toLowerCase();
         protocol = componentSettings.get("ec2.protocol", protocol).toLowerCase();
         if ("http".equals(protocol)) {
             clientConfiguration.setProtocol(Protocol.HTTP);
diff --git a/src/main/java/org/elasticsearch/cloud/aws/InternalAwsS3Service.java b/src/main/java/org/elasticsearch/cloud/aws/InternalAwsS3Service.java
index 94ec05c1c44..3759ba969e5 100644
--- a/src/main/java/org/elasticsearch/cloud/aws/InternalAwsS3Service.java
+++ b/src/main/java/org/elasticsearch/cloud/aws/InternalAwsS3Service.java
@@ -19,9 +19,6 @@
 
 package org.elasticsearch.cloud.aws;
 
-import java.util.HashMap;
-import java.util.Map;
-
 import com.amazonaws.ClientConfiguration;
 import com.amazonaws.Protocol;
 import com.amazonaws.auth.*;
@@ -36,6 +33,9 @@ import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.common.settings.SettingsFilter;
 
+import java.util.HashMap;
+import java.util.Map;
+
 /**
  *
  */
@@ -88,7 +88,7 @@ public class InternalAwsS3Service extends AbstractLifecycleComponent<AwsS3Servic
         }
 
         ClientConfiguration clientConfiguration = new ClientConfiguration();
-        String protocol = componentSettings.get("protocol", "http").toLowerCase();
+        String protocol = componentSettings.get("protocol", "https").toLowerCase();
         protocol = componentSettings.get("s3.protocol", protocol).toLowerCase();
         if ("http".equals(protocol)) {
             clientConfiguration.setProtocol(Protocol.HTTP);