Closed cedricvanrompay-datadog closed 9 months ago
Does it have to be the user agent? Or could it be another request parameter?
Looking at the CloudTrail documentation, it seems the request parameters are recorded as well, but it's not clear if only the parameters expected by the service are included.
Would a --http-header 'X-Pipeline: foo'
parameter work for you?
Let me try and get back to you
From a quick look, it seems that:
So for now the user agent seems to be the only option for us.
I've implemented this with an environment variable setting a JVM system property. Try setting the JSIGN_OPTS
variable before invoking Jsign:
export JSIGN_OPTS=-Dhttp.agent=foo
jsign --storetype AWS --keystore eu-west-3 ...
Let me know if that works for you.
We have several CI pipelines using JSign to sign various Windows packages, and we would like to have a trace in the AWS KMS CloudTrail logs which pipeline each access comes from.
One quick and simple way of doing it would be to add this info in the user agent used by JSign when sending requests to AWS KMS.
However as of now the user agent seems to be a constant: https://github.com/ebourg/jsign/blob/14dc018bc725f902f142b67e82128849969418f4/jsign-core/src/main/java/net/jsign/jca/RESTClient.java#L69
Would is be possible to add a
--user-agent
command-line argument to overwrite the default user agent?Happy to provide the PR if needed.