Switch to https communication for Amazon APIs by default
We should use `https` by default instead of `http` for communication between elasticsearch and AWS API. Note that it can be modified in case of trouble and fallback to the older setting using `cloud.aws.protocol: http` Closes #109.
This commit is contained in:
parent
0474a1bfea
commit
610d9a70a1
|
@ -44,19 +44,18 @@ cloud:
|
||||||
|
|
||||||
### Transport security
|
### Transport security
|
||||||
|
|
||||||
By default this plugin uses HTTP for all API calls to AWS endpoints. If you wish to configure HTTPS you can set
|
By default this plugin uses HTTPS for all API calls to AWS endpoints. If you wish to configure HTTP you can set
|
||||||
`cloud.aws.protocol` in the elasticsearch config. You can optionally override this setting per individual service
|
`cloud.aws.protocol` in the elasticsearch config. You can optionally override this setting per individual service
|
||||||
via: `cloud.aws.ec2.protocol` or `cloud.aws.s3.protocol`.
|
via: `cloud.aws.ec2.protocol` or `cloud.aws.s3.protocol`.
|
||||||
|
|
||||||
```
|
```
|
||||||
cloud:
|
cloud:
|
||||||
aws:
|
aws:
|
||||||
protocol: http
|
|
||||||
s3:
|
|
||||||
protocol: https
|
protocol: https
|
||||||
ec2:
|
s3:
|
||||||
protocol: http
|
protocol: http
|
||||||
|
ec2:
|
||||||
|
protocol: https
|
||||||
```
|
```
|
||||||
|
|
||||||
### Region
|
### Region
|
||||||
|
|
|
@ -60,7 +60,7 @@ public class AwsEc2Service extends AbstractLifecycleComponent<AwsEc2Service> {
|
||||||
}
|
}
|
||||||
|
|
||||||
ClientConfiguration clientConfiguration = new ClientConfiguration();
|
ClientConfiguration clientConfiguration = new ClientConfiguration();
|
||||||
String protocol = componentSettings.get("protocol", "http").toLowerCase();
|
String protocol = componentSettings.get("protocol", "https").toLowerCase();
|
||||||
protocol = componentSettings.get("ec2.protocol", protocol).toLowerCase();
|
protocol = componentSettings.get("ec2.protocol", protocol).toLowerCase();
|
||||||
if ("http".equals(protocol)) {
|
if ("http".equals(protocol)) {
|
||||||
clientConfiguration.setProtocol(Protocol.HTTP);
|
clientConfiguration.setProtocol(Protocol.HTTP);
|
||||||
|
|
|
@ -19,9 +19,6 @@
|
||||||
|
|
||||||
package org.elasticsearch.cloud.aws;
|
package org.elasticsearch.cloud.aws;
|
||||||
|
|
||||||
import java.util.HashMap;
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
import com.amazonaws.ClientConfiguration;
|
import com.amazonaws.ClientConfiguration;
|
||||||
import com.amazonaws.Protocol;
|
import com.amazonaws.Protocol;
|
||||||
import com.amazonaws.auth.*;
|
import com.amazonaws.auth.*;
|
||||||
|
@ -36,6 +33,9 @@ import org.elasticsearch.common.inject.Inject;
|
||||||
import org.elasticsearch.common.settings.Settings;
|
import org.elasticsearch.common.settings.Settings;
|
||||||
import org.elasticsearch.common.settings.SettingsFilter;
|
import org.elasticsearch.common.settings.SettingsFilter;
|
||||||
|
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
@ -88,7 +88,7 @@ public class InternalAwsS3Service extends AbstractLifecycleComponent<AwsS3Servic
|
||||||
}
|
}
|
||||||
|
|
||||||
ClientConfiguration clientConfiguration = new ClientConfiguration();
|
ClientConfiguration clientConfiguration = new ClientConfiguration();
|
||||||
String protocol = componentSettings.get("protocol", "http").toLowerCase();
|
String protocol = componentSettings.get("protocol", "https").toLowerCase();
|
||||||
protocol = componentSettings.get("s3.protocol", protocol).toLowerCase();
|
protocol = componentSettings.get("s3.protocol", protocol).toLowerCase();
|
||||||
if ("http".equals(protocol)) {
|
if ("http".equals(protocol)) {
|
||||||
clientConfiguration.setProtocol(Protocol.HTTP);
|
clientConfiguration.setProtocol(Protocol.HTTP);
|
||||||
|
|
Loading…
Reference in New Issue