Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[FEATURE] Add IAM authentication option

See original GitHub issue

If people want to connect to an Amazon OpenSearch Service cluster, they have to figure out how to use this client alongside some third-party signing library and/or the AWS SDK, which is non-trivial due to how we (by design) conceal the underlying HTTP requests that the client makes. We should offer IAM signing as an option, just like the OpenSearch CLI does.

Is your feature request related to a problem?

If you want to use this client with an Amazon OpenSearch Service cluster that has IAM authentication rather than basic authentication, it’s a challenge. The best solution is to use the requests_aws4auth library.

What solution would you like?

Something like how requests_aws4auth works:

awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service, session_token=credentials.token)

search = OpenSearch(
    hosts = [{'host': host, 'port': 443}],
    http_auth = awsauth,
    use_ssl = True,
    verify_certs = True,
    connection_class = RequestsHttpConnection
)

What alternatives have you considered?

Maintaining the status quo, which is admittedly the best of all the clients, but still suboptimal.

Do you have any additional context?

https://github.com/opensearch-project/OpenSearch/issues/1400

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Reactions:4
  • Comments:6 (4 by maintainers)

github_iconTop GitHub Comments

1reaction
lizsnydercommented, Mar 22, 2022

Perfect, thanks @Shivamdhar. I’ll add a similar sample to the AWS docs.

0reactions
GuanLinZhangcommented, Nov 8, 2022
Read more comments on GitHub >

github_iconTop Results From Across the Web

[FEATURE] Add IAM authentication option #187 - GitHub
When initializing the client, accept an iam_auth option in place of the current basic auth option. If basic, accept username and password. If ......
Read more >
Enabling and disabling IAM database authentication
Enabling and disabling IAM database authentication · In the navigation pane, choose Databases. · Choose the DB instance that you want to modify....
Read more >
Manage users with IAM authentication - PostgreSQL
This page describes how to add a user or service account that uses IAM database authentication to a database and how to manage...
Read more >
How do I implement IAM authentication for APIs in API Gateway?
Find more details in the AWS Knowledge Center: http://amzn.to/2ZaCdlSJoely, an AWS Cloud Support Engineer, shows you how to implement IAM ...
Read more >
Options for providing IAM credentials - Amazon Redshift
Under App Registration > your-application-name > Authentication, add Mobile And Desktop Application. Specify the URL as http://localhost/redshift/. In the SAML ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

[PROPOSAL] Plugins Python Client Interface

Next page

[FEATURE] Migration guide from elasticsearch-py