The plugin will default to using
credentials for authentication. These can be overridden by, in increasing
order of precedence, system properties
AWS_SECRET_KEY, or the
elasticsearch config using
cloud: aws: access_key: AKVAIQBF2RECL7FJWGJQ secret_key: vExyMThREXeRMm/b/LRzEB8jWwvzQeXgjqMX+6br
By default this plugin uses HTTPS for all API calls to AWS endpoints. If you wish to configure HTTP you can set
cloud.aws.protocol in the elasticsearch config. You can optionally override this setting per individual service
cloud: aws: protocol: https s3: protocol: http ec2: protocol: https
In addition, a proxy can be configured with the
(note that protocol can be
cloud: aws: protocol: https proxy: host: proxy1.company.com port: 8083 username: myself password: theBestPasswordEver!
You can also set different proxies for
cloud: aws: s3: proxy: host: proxy1.company.com port: 8083 username: myself1 password: theBestPasswordEver1! ec2: proxy: host: proxy2.company.com port: 8083 username: myself2 password: theBestPasswordEver2!
cloud.aws.region can be set to a region and will automatically use the relevant settings for both
The available values are:
If you are using a compatible EC2 or S3 service, they might be using an older API to sign the requests.
You can set your compatible signer API using
with the right signer to use.
If you are using a compatible S3 service which do not support Version 4 signing process, you may need to use
cloud.aws.s3.signer, which is Signature Version 2.