unidentifieddeveloper
Add support signing requests
As per https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-request-signing.html do you have plans to implement this?
http://sdk.amazonaws.com/cpp/api/0.14.7/class_aws_1_1_client_1_1_a_w_s_auth_v4_signer.html
Hi! The documentation doesn't mention if it relates to the _search endpoint, which is the only endpoint we're using. It seems as if the signed requests are for putting data back into Elasticsearch which is currently not a focus.
I am running a microservice in fargate and wanted to use blaze to download the index, but i am unsure how best to setup the authentication without having to pass username/password, any suggestions?
Do you have an Elasticsearch index already? Did you try to point Blaze at it and dump it? Blaze handles basic auth but nothing more.
AWS doesn't support username:password as it is basic http auth scheme, they use a scheme which takes the url, headers, payload as its input creates an HMAC and sends it to AWS ES - https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html
So for example, from https://docs.aws.amazon.com/apigateway/api-reference/signing-requests/:
curl -X GET \
https://search-00000000000000.eu-west-1.es.amazonaws.com/_cat/indices \
-H 'Authorization: AWS4-HMAC-SHA256 Credential=111111/00000000/eu-west-1/es/aws4_request, SignedHeaders=cache-control;content-type;host;postman-token;x-amz-date, Signature=11111111116401882398f46011f14fdb9d55e012a4fb912706d67c1111111111' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Host: search-00000000000001.eu-west-1.es.amazonaws.com' \
-H 'Postman-Token: 00000000-0000-4001-8006-9291e208a000' \
-H 'X-Amz-Date: 20191010T240000Z' \
-H 'cache-control: no-cache'
I'll see if I can add something which doesn't feel bloated or hard to use. What is the easiest way for me to access a protected index?