-
Type:
Bug
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 10.2-SNAPSHOT, 10.2
-
Fix Version/s: QualifiedToSchedule
-
Component/s: Infrastructure
-
Tags:
Currently we can use two strategies to authenticate Amazon ES service requests:
- IP based - Any call from that IP address will be allowed access or be denied access to the resource in question ( this works already with the current RestClient when Nuxeo and ES are in the same VPC)
- Originating Principal - you are required to include information that AWS can use to authenticate the requestor as part of every request to your Amazon ES endpoint, so we nee to sign the request using Signature Version 4. (not supported yet in Nuxeo)
We need to add support for the second strategy as there are situation where we can not implement the security strategy based only on IP restrictions. ( when Nuxeo is deployed on a OpenShift cluster for example)
- is duplicated by
-
NXP-28632 Enable request signing using the AWS SDK when using an AWS ES cluster
-
- Open
-
