The plugin will default to using
credentials for authentication. These can be overridden by, in increasing
order of precedence, system properties
AWS_SECRET_KEY, or the
elasticsearch config using
if you wish to set credentials specifically for s3
cloud: aws: access_key: AKVAIQBF2RECL7FJWGJQ secret_key: vExyMThREXeRMm/b/LRzEB8jWwvzQeXgjqMX+6br
By default this plugin uses HTTPS for all API calls to AWS endpoints. If you wish to configure HTTP you can set
cloud.aws.protocol in the elasticsearch config. You can optionally override this setting per individual service
cloud: aws: protocol: https s3: protocol: http ec2: protocol: https
In addition, a proxy can be configured with the
(note that protocol can be
cloud: aws: protocol: https proxy: host: proxy1.company.com port: 8083 username: myself password: theBestPasswordEver!
You can also set different proxies for
cloud: aws: s3: proxy: host: proxy1.company.com port: 8083 username: myself1 password: theBestPasswordEver1! ec2: proxy: host: proxy2.company.com port: 8083 username: myself2 password: theBestPasswordEver2!
cloud.aws.region can be set to a region and will automatically use the relevant settings for both
You can specifically set it for s3 only using
The available values are:
us-east-1) for US East (N. Virginia)
us-west-1) for US West (N. California)
us-west-2for US West (Oregon)
ap-south-1for Asia Pacific (Mumbai)
ap-southeast-1) for Asia Pacific (Singapore)
ap-southeast-2for Asia Pacific (Sydney)
ap-northeast-1) for Asia Pacific (Tokyo)
ap-northeast-2) for Asia Pacific (Seoul)
eu-west-1) for EU (Ireland)
eu-central-1) for EU (Frankfurt)
sa-east-1) for South America (São Paulo)
cn-north-1) for China (Beijing)
If you are using a S3 compatible service, they might be using an older API to sign the requests.
You can set your compatible signer API using
cloud.aws.s3.signer) with the right
signer to use.
If you are using a compatible S3 service which do not support Version 4 signing process, you may need to
S3SignerType, which is Signature Version 2.