Open rwitzel opened 7 years ago
A third-party API requires us to pass credentials (user ID and secret key) via custom HTTP headers.
At the moment there is no way to specify the credentials without allowing other users to access the credentials.
In #30 a solution is suggested (a proxy in front of the external resource) but users might try to avoid to setup additional resources.
Via environment variables one could specify the following kind of information:
accounts = [ { placeholder_prefix : "ABC", url_pattern : "https://abc.com/api/.*', USER_ID : "myUserId1", // should be encryped via AWS KMS SECRETKEY : "r73fhf83g83gdv327dv" // should be encryped via AWS KMS }, .... ]
The HTTP call in the check would look like:
response = http('https://abc.com/api/v2/status', replace_credentials_placeholder : True, headers={ 'X-ABC-INC-ACCESS-ID': 'ACCOUNTS_ABC_USER_ID', 'X-ABC-INC-SECRET-KEY': 'ACCOUNTS_ABC_SECRETKEY', })
Then ZMON's http component would replace placeholders in the URL and in the headers before doing the actual call.
Background
A third-party API requires us to pass credentials (user ID and secret key) via custom HTTP headers.
At the moment there is no way to specify the credentials without allowing other users to access the credentials.
In #30 a solution is suggested (a proxy in front of the external resource) but users might try to avoid to setup additional resources.
Suggested solution
Via environment variables one could specify the following kind of information:
The HTTP call in the check would look like:
Then ZMON's http component would replace placeholders in the URL and in the headers before doing the actual call.