README
¶
#aws-auth-proxy
##Installation
pre-reqs:
- go1.5
- glide package manager
#requires go1.5
export GO15VENDOREXPERIMENT=1
mkdir -p $GOPATH/src/github.com/coreos
cd $GOPATH/src/github.com/coreos
git clone https://github.com/coreos/aws-auth-proxy
cd aws-auth-proxy
glide install
go build github.com/coreos/aws-auth-proxy
Example
# aws elasticsearch example
./aws-auth-proxy \
-access-key=xxx \
-secret-key=xxxx \
-service-name=es \
-region-name=<your-aws-region> \
-upstream-host=<your-aws-elastic-search-endpoint> \
-upstream-scheme=https \
-listen-address=":9200"
Docker Example - Without Secrets
docker run -e "SECRETS=s3://bucket/secrets.sh" \
pocket/aws-auth-proxy \
aws-auth-proxy \
-access-key=$AWS_ACCESSKEY_ID \
-secret-key="$AWS_SECRET_ACCESS_KEY" \
-service-name=es \
-region-name=us-east-1 \
-upstream-host=search-pegasus-tsnviyopp6ai5z5nxlnzued2ea.us-east-1.es.amazonaws.com \
-upstream-scheme=https \
-listen-address=":9200"
Docker Example - With Secrets
Secrets: s3://pocket-ecs-staging/pegasus-elasticsearch-proxy/secrets.sh
export AWS_ACCESSKEY_ID=foo
export AWS_SECRET_ACCESS_KEY=bar
export AWS_SERVICE_NAME=es
export AWS_REGION=us-west-2
export UPSTREAM_HOST=search-pegasus-tsnviyopp6ai5z5nxlnzued2ea.us-east-1.es.amazonaws.com
export UPSTREAM_SCHEME=https
export LISTEN_PORT=9200
Command:
docker run -e "s3://pocket-ecs-staging/pegasus-elasticsearch-proxy/secrets.sh" pocket/aws-auth-proxy
Command with local AWS credentials:
docker run -it -v "$HOME/.aws:/root/.aws" -e "SECRETS=s3://pocket-ecs-staging/pegasus-elasticsearch-proxy/secrets.sh" auth-proxy pocket/aws-auth-proxy
Your proxied elasticsearch endpoint is now here: http://localhost:9200
No more securing elastic search endpoints with IP addresses!
Documentation
¶
There is no documentation for this package.
Source Files
Click to show internal directories.
Click to hide internal directories.