Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add api key auth #3

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add api key auth #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0dadcbd
New auth type API_KEY_AUTH
WustmannMatthias Nov 15, 2022
caf2349
Update README.rst
WustmannMatthias Nov 15, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions README.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,8 +109,8 @@ The constructors takes the following parameters:
[{'host':'host1','port':9200}, {'host':'host2','port':9200}]


- auth_type: The authentication currently support ElasticECSHandler.AuthType = NO_AUTH, BASIC_AUTH, KERBEROS_AUTH
- auth_details: When ElasticECSHandler.AuthType.BASIC_AUTH is used this argument must contain a tuple of string with the user and password that will be used to authenticate against the Elasticsearch servers, for example ('User','Password')
- auth_type: The authentication currently support ElasticECSHandler.AuthType = NO_AUTH, BASIC_AUTH, KERBEROS_AUTH or API_KEY_AUTH
- auth_details: When ElasticECSHandler.AuthType.BASIC_AUTH or ElasticECSHandler.AuthType.API_KEY_AUTH are used this argument must contain a tuple of string with the user and password that will be used to authenticate against the Elasticsearch servers, for example ('User','Password')
- aws_access_key: When ``ElasticECSHandler.AuthType.AWS_SIGNED_AUTH`` is used this argument must contain the AWS key id of the the AWS IAM user
- aws_secret_key: When ``ElasticECSHandler.AuthType.AWS_SIGNED_AUTH`` is used this argument must contain the AWS secret key of the the AWS IAM user
- aws_region: When ``ElasticECSHandler.AuthType.AWS_SIGNED_AUTH`` is used this argument must contain the AWS region of the the AWS Elasticsearch servers, for example ``'us-east'``
Expand Down
19 changes: 15 additions & 4 deletions elasticecslogging/handlers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@ class AuthType(Enum):
BASIC_AUTH = 1
KERBEROS_AUTH = 2
AWS_SIGNED_AUTH = 3
API_KEY_AUTH = 4

class IndexNameFrequency(Enum):
""" Index type supported
Expand Down Expand Up @@ -164,17 +165,17 @@ def __init__(self,
:param hosts: The list of hosts that elasticsearch clients will connect. The list can be provided
in the format ```[{'host':'host1','port':9200}, {'host':'host2','port':9200}]``` to
make sure the client supports failover of one of the instertion nodes
:param auth_details: When ```ElasticECSHandler.AuthType.BASIC_AUTH``` is used this argument must contain
a tuple of string with the user and password that will be used to authenticate against
the Elasticsearch servers, for example```('User','Password')
:param auth_details: When ```ElasticECSHandler.AuthType.BASIC_AUTH``` or ```ElasticECSHandler.AuthType.API_KEY_AUTH```
are used this argument must contain a tuple of string with the user and password
that will be used to authenticate against the Elasticsearch servers, for example```('User','Password')
:param aws_access_key: When ```ElasticECSHandler.AuthType.AWS_SIGNED_AUTH``` is used this argument must contain
the AWS key id of the the AWS IAM user
:param aws_secret_key: When ```ElasticECSHandler.AuthType.AWS_SIGNED_AUTH``` is used this argument must contain
the AWS secret key of the the AWS IAM user
:param aws_region: When ```ElasticECSHandler.AuthType.AWS_SIGNED_AUTH``` is used this argument must contain
the AWS region of the the AWS Elasticsearch servers, for example```'us-east'
:param auth_type: The authentication type to be used in the connection ```ElasticECSHandler.AuthType```
Currently, NO_AUTH, BASIC_AUTH, KERBEROS_AUTH are supported
Currently, NO_AUTH, BASIC_AUTH, KERBEROS_AUTH and API_KEY_AUTH are supported
You can pass a str instead of the enum value. It is useful if you are using a config file for
configuring the logging module.
:param use_ssl: A boolean that defines if the communications should use SSL encrypted communication
Expand Down Expand Up @@ -301,6 +302,16 @@ def __get_es_client(self):
)
return self._client

if self.auth_type == ElasticECSHandler.AuthType.API_KEY_AUTH:
if self._client is None:
return Elasticsearch(hosts=self.hosts,
api_key=self.auth_details,
use_ssl=self.use_ssl,
verify_certs=self.verify_certs,
connection_class=RequestsHttpConnection,
serializer=self.serializer)
return self._client

raise ValueError("Authentication method not supported")

def test_es_source(self):
Expand Down