IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
Elastic Docs Elasticsearch Plugins and Integrations [6.4] Snapshot/Restore Repository Plugins S3 Repository Plugin
« Getting started with AWS Repository Settings »

Client Settingsedit

The client that you use to connect to S3 has a number of settings available. The settings have the form s3.client.CLIENT_NAME.SETTING_NAME. The default client name that is looked up by an s3 repository is default. It can be modified using the repository setting client. For example:

PUT _snapshot/my_s3_repository
{
  "type": "s3",
  "settings": {
    "bucket": "my_bucket",
    "client": "my_alternate_client"
  }
}

Most client settings can be added to the elasticsearch.yml configuration file with the exception of the secure settings, which you add to the Elasticsearch keystore. For more information about creating and updating the Elasticsearch keystore, see Secure settings.

For example, before you start the node, run these commands to add AWS access key settings to the keystore:

bin/elasticsearch-keystore add s3.client.default.access_key
bin/elasticsearch-keystore add s3.client.default.secret_key

All client secure settings of this plugin are reloadable. After you reload the settings, the internal s3 clients, used to transfer the snapshot contents, will utilize the latest settings from the keystore. Any existing s3 repositories, as well as any newly created ones, will pick up the new values stored in the keystore.

In progress snapshot/restore tasks will not be preempted by a reload of the client’s secure settings. The task will complete using the client as it was built when the operation started.

The following list contains the available client settings. Those that must be stored in the keystore are marked as "secure" and are reloadable; the other settings belong in the elasticsearch.yml file.

access_key (Secure)
An s3 access key. The secret_key setting must also be specified.
secret_key (Secure)
An s3 secret key. The access_key setting must also be specified.
session_token
An s3 session token. The access_key and secret_key settings must also be specified. (Secure)
endpoint
The s3 service endpoint to connect to. This will be automatically figured out by the s3 client based on the bucket location, but can be specified explicitly. See http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region.
protocol
The protocol to use to connect to s3. Valid values are either http or https. Defaults to https.
proxy.host
The host name of a proxy to connect to s3 through.
proxy.port
The port of a proxy to connect to s3 through.
proxy.username (Secure)
The username to connect to the proxy.host with.
proxy.password (Secure)
The password to connect to the proxy.host with.
read_timeout
The socket timeout for connecting to s3. The value should specify the unit. For example, a value of 5s specifies a 5 second timeout. The default value is 50 seconds.
max_retries
The number of retries to use when an s3 request fails. The default value is 3.
use_throttle_retries
Whether retries should be throttled (ie use backoff). Must be true or false. Defaults to true.
« Getting started with AWS Repository Settings »