dblock
commented
11 months ago This feels like an OSB problem because the AWS service is definitely es and aoss, not aos, no?
Closed IanHoang closed 11 months ago
dblock
commented
11 months ago This feels like an OSB problem because the AWS service is definitely es and aoss, not aos, no?
IanHoang
commented
11 months ago @dblock AWS service uses es for AWS CLI still but OSB only has a check added by a contributor a few months back:
if aws_log_in_dict["service"] not in ['es', 'aoss']:
self.logger.error("Service for aws log in should be one of 'es' or 'aoss'")
raise exceptions.SystemSetupError(
"Cannot specify service as '{}'. Accepted values are 'es' or 'aoss'.".format(
aws_log_in_dict["service"])
)Since OSB relies on opensearch-py to communicate with target clusters, I believe the contributor added this check because opensearch-py might not support aos at the moment and also has the following line:
https://github.com/opensearch-project/opensearch-py/blob/84ac172ddc54b3e6c975d36221d16ec3e78a2fe9/opensearchpy/helpers/signer.py#L51
dblock
commented
11 months ago @IanHoang That default is correct, the service code is "es". Service codes are used to scope service credentials. Do you not agree?
IanHoang
commented
11 months ago @dblock You're right, thanks for calling this out! opensearch-py uses botocore, which still uses es. Closing this issue
What is the bug?
When users are using OSB to test a SigV4 authenticated opensearch cluster, they set the environment variable to
aosoraoss. However, AWSSigV4Auth class takesesinstead ofaos. This could be misleading to new OpenSearch users.Are there any plans to support
aoson top ofesandaoss?How can one reproduce the bug?
Error encountered:
What is the expected behavior?
opensearch-py should accept
aosas well on top ofesandaoss.What is your host/environment?
Occurs on MacOS, Linux and with Amazon Managed-Service Clusters
Do you have any screenshots?
N/A
Do you have any additional context?
N/A