Commit f302209c authored by Rucha Deshpande's avatar Rucha Deshpande
Browse files

Read ES credentials from secrets manager

commit 05065157 
Author: Rucha Deshpande <deshruch@amazon.com> 
Date: Thu Jun 03 2021 14:02:49 GMT-0500 (Central Daylight Time) 

    bug fix


commit e10bb09c 
Author: Rucha Deshpande <deshruch@amazon.com> 
Date: Thu Jun 03 2021 13:57:29 GMT-0500 (Central Daylight Time) 

    read ES credentials from Secrets Manager
parent fc63e8f8
......@@ -14,6 +14,9 @@
package org.opengroup.osdu.search.provider.aws.persistence;
import lombok.AccessLevel;
import lombok.Getter;
import lombok.Setter;
import org.opengroup.osdu.core.common.model.tenant.TenantInfo;
import javax.annotation.PostConstruct;
......@@ -24,6 +27,7 @@ import org.opengroup.osdu.core.common.model.search.ClusterSettings;
import org.opengroup.osdu.core.common.provider.interfaces.IElasticRepository;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.opengroup.osdu.core.aws.secrets.SecretsManager;
@Component
public class ElasticRepositoryImpl implements IElasticRepository {
......@@ -51,27 +55,32 @@ public class ElasticRepositoryImpl implements IElasticRepository {
@Value("${aws.elasticsearch.host}")
String hostParameter;
@Value("${aws.elasticsearch.username}")
String usernameParameter;
@Value("${ aws.elasticsearch.credentials.secret}")
String elasticCredentialsSecret;
@Value("${aws.region}")
private String amazonRegion;
@Value("${aws.elasticsearch.password}")
String passwordParameter;
@Value("${aws.ssm}")
String ssmEnabledString;
private ParameterStorePropertySource ssm;
@PostConstruct
private void postConstruct() {
if( Boolean.parseBoolean(ssmEnabledString)) {
SSMConfig ssmConfig = new SSMConfig();
ssm = ssmConfig.amazonSSM();
host = ssm.getProperty(hostParameter).toString();
port = Integer.parseInt(ssm.getProperty(portParameter).toString());
username = ssm.getProperty(usernameParameter).toString();
password = ssm.getProperty(passwordParameter).toString();
port = Integer.parseInt(ssm.getProperty(portParameter).toString());
}
SecretsManager sm = new SecretsManager();
username = sm.getSecret(elasticCredentialsSecret,amazonRegion,"username");
password = sm.getSecret(elasticCredentialsSecret,amazonRegion,"password");
//elastic expects username:password format
usernameAndPassword = String.format("%s:%s", username, password);
......
......@@ -14,6 +14,7 @@
package org.opengroup.osdu.search.provider.aws.service;
import org.opengroup.osdu.core.aws.secrets.SecretsManager;
import org.opengroup.osdu.core.aws.ssm.ParameterStorePropertySource;
import org.opengroup.osdu.core.aws.ssm.SSMConfig;
import org.opengroup.osdu.core.common.model.search.ClusterSettings;
......@@ -52,27 +53,31 @@ public class ElasticSettingServiceImpl implements IElasticSettingService {
@Value("${aws.elasticsearch.host}")
String hostParameter;
@Value("${aws.elasticsearch.username}")
String usernameParameter;
@Value("${ aws.elasticsearch.credentials.secret}")
String elasticCredentialsSecret;
@Value("${aws.elasticsearch.password}")
String passwordParameter;
@Value("${aws.region}")
private String amazonRegion;
@Value("${aws.ssm}")
String ssmEnabledString;
private ParameterStorePropertySource ssm;
@PostConstruct
private void postConstruct() {
if( Boolean.parseBoolean(ssmEnabledString)) {
SSMConfig ssmConfig = new SSMConfig();
ssm = ssmConfig.amazonSSM();
host = ssm.getProperty(hostParameter).toString();
port = Integer.parseInt(ssm.getProperty(portParameter).toString());
username = ssm.getProperty(usernameParameter).toString();
password = ssm.getProperty(passwordParameter).toString();
port = Integer.parseInt(ssm.getProperty(portParameter).toString());
}
SecretsManager sm = new SecretsManager();
username = sm.getSecret(elasticCredentialsSecret,amazonRegion,"username");
password = sm.getSecret(elasticCredentialsSecret,amazonRegion,"password");
//elastic expects username:password format
usernameAndPassword = String.format("%s:%s", username, password);
......
......@@ -56,8 +56,7 @@ aws.ssm.prefix=/osdu/${ENVIRONMENT}
aws.elasticsearch.host=${aws.ssm.prefix}/elasticsearch/end-point
aws.elasticsearch.port=${aws.ssm.prefix}/elasticsearch/end-point-port
aws.elasticsearch.username=${aws.ssm.prefix}/elasticsearch/username
aws.elasticsearch.password=${aws.ssm.prefix}/elasticsearch/password
aws.elasticsearch.credentials.secret=${aws.ssm.prefix}/elasticsearch/credentials
server.ssl.enabled=${SSL_ENABLED:true}
server.ssl.key-store-type=PKCS12
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment