Closed davideagle closed 5 years ago
Having the same problem with ES 6.0.
Hi. I couldn't reproduce this issue with the following access policy and configuration:
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::ACCOUNT-ID:MASKED"
      },
      "Action": "es:*",
      "Resource": "arn:aws:es:REGION:ACCOUNT-ID:domain/USER_DOMAIN/*"
    }
  ]
}
```
```
<match test.**>
  @type aws-elasticsearch-service
  @log_level info
  with_transporter_log true
  type_name fluentd
  logstash_format true
  include_tag_key true
  flush_interval 1s
  <endpoint>
    url https://search-USER_DOMAIN-xxxxx.REGION.es.amazonaws.com
    region ap-northeast-1
    assume_role_arn arn:aws:es:ap-northeast-1:ACCOUNT_ID:domain/USER_DOMAIN
    assume_role_session_name fluentd # Defaults to fluentd if omitted
    access_key_id USER_KEY_ID
    secret_access_key USER_SECRET_ACCESS_KEY
  </endpoint>
</match>
```
Gem list:
```
% bundle exec gem list (git)[master][OK]
*** LOCAL GEMS ***
aws-eventstream (1.0.1)
aws-partitions (1.136.0)
aws-sdk-core (3.46.0)
aws-sigv4 (1.0.3)
bundler (default: 1.17.2)
cool.io (1.5.3)
diff-lcs (1.3)
dig_rb (1.0.1)
elasticsearch (6.1.0)
elasticsearch-api (6.1.0)
elasticsearch-transport (6.1.0)
excon (0.62.0)
faraday (0.15.4)
faraday_middleware-aws-sigv4 (0.2.4)
fluent-plugin-aws-elasticsearch-service (2.0.0)
fluent-plugin-elasticsearch (3.1.0)
fluentd (1.3.3)
http_parser.rb (0.6.0)
jmespath (1.4.0)
msgpack (1.2.6)
multi_json (1.13.1)
multipart-post (2.0.0)
power_assert (1.1.3)
rake (10.5.0)
rspec (3.8.0)
rspec-core (3.8.0)
rspec-expectations (3.8.2)
rspec-mocks (3.8.0)
rspec-support (3.8.0)
serverengine (2.1.0)
sigdump (0.2.4)
strptime (0.2.3)
test-unit (3.3.0)
thread_safe (0.3.6)
tzinfo (1.2.5)
tzinfo-data (1.2018.9)
yajl-ruby (1.4.1)
```
I'm using ES 6.4 on AWS Elasticsearch Service.
I cannot reproduce this issue, and I confirmed that it works with AWS ES 6.0. Closing.
I'm running fluent-plugin-aws-elasticsearch-service 1.0.0 and fluentd 0.14 configured against AWS Elasticsearch 2.3, but after upgrade it throws:

```
error_class=Elasticsearch::Transport::Transport::Errors::Forbidden error="[403] {\"Message\":\"User: arn:aws:sts::ID:assumed-role/es-dev-write/fluentd is not authorized to perform: es:ESHttpPost on resource: tf-dev-icelandair-es\"}
```
Same config works fine against ES 2.3
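
Added example, not part of the thread and not the plugin's own code: a simplified Ruby check that takes the 403 body quoted above and tests whether an access policy of the shape posted in this thread would allow that principal, action and resource. The `REGION` placeholder, the `_bulk` request path, both sample policies and all helper names are assumptions made for this example; only Allow statements are evaluated (no Deny, Condition or NotAction).

```ruby
require "json"

DENIED = /User: (?<principal>\S+) is not authorized to perform: (?<action>\S+) on resource: (?<resource>\S+)/

# Extract principal, action and resource from the JSON body of the 403.
def parse_denied(body)
  m = DENIED.match(JSON.parse(body)["Message"].to_s) or return nil
  { principal: m[:principal], action: m[:action], resource: m[:resource] }
end

# A role session (arn:aws:sts::ACCT:assumed-role/ROLE/SESSION) is covered by a policy
# principal naming the role (arn:aws:iam::ACCT:role/ROLE). Role paths are not handled.
def role_arn_for(principal)
  m = %r{\Aarn:aws:sts::([^:]+):assumed-role/([^/]+)/}.match(principal)
  m ? "arn:aws:iam::#{m[1]}:role/#{m[2]}" : principal
end

# IAM-style wildcard match: * is any run of characters, ? is any single character.
def wildcard_match?(pattern, value, ignore_case: false)
  src = Regexp.escape(pattern).gsub('\*', ".*").gsub('\?', ".")
  Regexp.new("\\A#{src}\\z", ignore_case ? Regexp::IGNORECASE : 0).match?(value)
end

# Simplified evaluation: true if any Allow statement matches all three fields.
def allowed?(policy, principal:, action:, resource_arn:)
  Array(policy["Statement"]).any? do |st|
    next false unless st["Effect"] == "Allow"
    who = Array(st["Principal"].is_a?(Hash) ? st["Principal"]["AWS"] : st["Principal"])
    who.any? { |p| p == "*" || p == principal || p == role_arn_for(principal) } &&
      Array(st["Action"]).any? { |a| wildcard_match?(a, action, ignore_case: true) } &&
      Array(st["Resource"]).any? { |r| wildcard_match?(r, resource_arn) }
  end
end

# Constructed sample: the body reuses the thread's error text; the policy is made up.
BODY = '{"Message":"User: arn:aws:sts::ID:assumed-role/es-dev-write/fluentd is not authorized to perform: es:ESHttpPost on resource: tf-dev-icelandair-es"}'

def sample_policy(resource)
  { "Version" => "2012-10-17", "Statement" => [{ "Effect" => "Allow",
    "Principal" => { "AWS" => "arn:aws:iam::ID:role/es-dev-write" },
    "Action" => "es:*", "Resource" => resource }] }
end

# Rebuild the request ARN (assumed path: _bulk) and evaluate it against the policy.
def check(resource_pattern)
  req = parse_denied(BODY)
  arn = "arn:aws:es:REGION:ID:domain/#{req[:resource]}/_bulk"
  allowed?(sample_policy(resource_pattern), principal: req[:principal], action: req[:action], resource_arn: arn)
end
```

With these constructed inputs, a `Resource` ending in `domain/tf-dev-icelandair-es/*` matches the request, while one ending in `domain/tf-dev-icelandair-es` does not.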