In order to use this module, you must configure one or more API-keys. API-keys
are stored as a list of acceptable keys under
api_keys at the root level of the ACL. For example:
default: deny api_keys: - s6aW9aAMZjDMbuhj - 6hKZsTqBru9KnVaW auth: users: ... rules: - ...
In the above example, both
6hKZsTqBru9KnVaW would be
There are several settings introduced by this module:
- A comma-separated list of host suffixes that trigger our attempt to
authenticate with Elasticsearch Service. Defaults to
- A comma-separated list of ports that trigger our SSL support. Defaults to
- An API-key which is used to authorize this client when connecting to Elasticsearch Service. API-keys are managed via the console as a list of Strings
under the root level key "api_keys". Defaults to
- Whether to accept self-signed certificates when using SSL. This is unsafe and
allows for MITM-attacks, but may be useful for testing. Defaults to
- The interval in which to send keep-alive messages. Defaults to
20s. Set to
We recommend setting
30s and setting
30s when using Elasticsearch over non-local networks (this also goes for deployments in the same Amazon EC2 region, as the connections may be routed across a regions availability zones).
Not doing so may greatly increase the number of disconnects and reconnects due to intermittent slow routers / congested networks / garbage collection and a host of other transient problems.