Switch to https communication for Amazon APIs by default

We should use `https` by default instead of `http` for communication between elasticsearch and AWS API.

Note that it can be modified in case of trouble and fallback to the older setting using `cloud.aws.protocol: http`

Closes #109.
This commit is contained in:
David Pilato 2014-08-05 12:28:46 +02:00
parent 0474a1bfea
commit 610d9a70a1
3 changed files with 9 additions and 10 deletions

View File

@ -44,19 +44,18 @@ cloud:
### Transport security ### Transport security
By default this plugin uses HTTP for all API calls to AWS endpoints. If you wish to configure HTTPS you can set By default this plugin uses HTTPS for all API calls to AWS endpoints. If you wish to configure HTTP you can set
`cloud.aws.protocol` in the elasticsearch config. You can optionally override this setting per individual service `cloud.aws.protocol` in the elasticsearch config. You can optionally override this setting per individual service
via: `cloud.aws.ec2.protocol` or `cloud.aws.s3.protocol`. via: `cloud.aws.ec2.protocol` or `cloud.aws.s3.protocol`.
``` ```
cloud: cloud:
aws: aws:
protocol: http
s3:
protocol: https protocol: https
ec2: s3:
protocol: http protocol: http
ec2:
protocol: https
``` ```
### Region ### Region

View File

@ -60,7 +60,7 @@ public class AwsEc2Service extends AbstractLifecycleComponent<AwsEc2Service> {
} }
ClientConfiguration clientConfiguration = new ClientConfiguration(); ClientConfiguration clientConfiguration = new ClientConfiguration();
String protocol = componentSettings.get("protocol", "http").toLowerCase(); String protocol = componentSettings.get("protocol", "https").toLowerCase();
protocol = componentSettings.get("ec2.protocol", protocol).toLowerCase(); protocol = componentSettings.get("ec2.protocol", protocol).toLowerCase();
if ("http".equals(protocol)) { if ("http".equals(protocol)) {
clientConfiguration.setProtocol(Protocol.HTTP); clientConfiguration.setProtocol(Protocol.HTTP);

View File

@ -19,9 +19,6 @@
package org.elasticsearch.cloud.aws; package org.elasticsearch.cloud.aws;
import java.util.HashMap;
import java.util.Map;
import com.amazonaws.ClientConfiguration; import com.amazonaws.ClientConfiguration;
import com.amazonaws.Protocol; import com.amazonaws.Protocol;
import com.amazonaws.auth.*; import com.amazonaws.auth.*;
@ -36,6 +33,9 @@ import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsFilter; import org.elasticsearch.common.settings.SettingsFilter;
import java.util.HashMap;
import java.util.Map;
/** /**
* *
*/ */
@ -88,7 +88,7 @@ public class InternalAwsS3Service extends AbstractLifecycleComponent<AwsS3Servic
} }
ClientConfiguration clientConfiguration = new ClientConfiguration(); ClientConfiguration clientConfiguration = new ClientConfiguration();
String protocol = componentSettings.get("protocol", "http").toLowerCase(); String protocol = componentSettings.get("protocol", "https").toLowerCase();
protocol = componentSettings.get("s3.protocol", protocol).toLowerCase(); protocol = componentSettings.get("s3.protocol", protocol).toLowerCase();
if ("http".equals(protocol)) { if ("http".equals(protocol)) {
clientConfiguration.setProtocol(Protocol.HTTP); clientConfiguration.setProtocol(Protocol.HTTP);