Page History
There are 3 different ways to connect with authentication: with username/password, Azure AD or Amazon Web Services (AWS).
Step-by-step guide (Username/password)
To connect to an Elasticsearch with basic authentication you will need to encrypt your password and add the right values to the configuration.
Step-by-step guide
Follow the next steps:
- Encrypt the password.
- Locate on <saga>/bin the file saga-secure-<version>.jar
In a terminal run, in Saga's root folder.
Code Block language text title Console / Terminal / Command java -jar bin/saga-secure-<version>.jar -ep=<password> -config="config/config.json"
- Keep the generated pwd.txt file at hand, you'll need to reference it in the configuration.
- Update the configuration in <saga>/config/config.json.
Update "providers"
Saga_json "providers": [ { "name": "filesystem-provider", "type": "FileSystem", "baseDir": "./config" }, { "name": "saga-provider", "type": "Elastic", "indexName": "saga", "nodeUrls": ["http://localhost:9200"], "authentication":"none" "user": "<username>", "password": "<path_to_pwd_file>", "timestamp": "updatedAt", "exclude": [ "updatedAt", "createdAt" ] }- Notice the values of "user" and "password".
Update "solutions"
Saga_json "solutions": [ { "display": "Saga", "elasticSearch": { "nodeUrls": ["http://localhost:9200"], "indexName": "saga", "user": "<username>", "password": "<path_to_pwd_file>", "timeout": 30, "delay": 5, "retries": 3 } } ]- Again notice the values of "user" and "password".
...
- Copy Saga's encryption key file to <aspire>/bin/
- Copy pwd.txt to <aspire>/bin/ as well.
Update the Saga's config file (the one within the Aspire configuration folder) to reflect the relative path of those files:
Saga_json { "config": { "security": { "encryptionKeyFile": "./bin/saga.ek" }, "libraryJars": [ "./lib" ], ... "providers": [ { "name": "filesystem-provider", "type": "FileSystem", "baseDir": "./config" }, { "name": "saga-provider", "type": "Elastic", "indexName": "saga", "nodeUrls": [ "http://localhost:9200" ], "user": "<user>", "password": "./bin/pwd.txt", "timestamp": "updatedAt", "exclude": [ "updatedAt", "createdAt" ], "maxResults": 2000000 } ] }- Notice the values of "encryptionKeyFile" and "password".
Step-by-step guide (AWS)
To connect to an Elasticsearch with AWS authentication you will need to set your Amazon Web Services credentials locally as environmental variables or get them from the ECS or EC2 credentials.
Follow the next steps:
- Set your AWS credentials.
- Set your credentials using the AWS CLI. You can see how to do that here.
- Or, you can load credentials from you ECS or EC2 instance. With IAM roles for Amazon ECS Tasks, you can specify an IAM role that can be used by the containers in a task to access AWS resources.
Info title Note SagaElasticIndexer gets the credentials automatically by getting the credentials file. That is why you only need to specify region and service in the config file which is below this note.
- Update the configuration in <saga>/config/config.json.
Update "providers" using authentication factor as "aws".
Saga_json "providers": [ { "name": "filesystem-provider", "type": "FileSystem", "baseDir": "./config" }, { "name": "saga-provider", "type": "Elastic", "indexName": "saga", "nodeUrls": ["http://localhost:9200"], "authentication":"aws", "service": "<aws_service>", "region": "<region_where_the_aws_service_is_located>" "timestamp": "updatedAt", "exclude": [ "updatedAt", "createdAt" ] }- Notice the values of "service" and "region".
Update "solutions" using authentication factor as "aws".
Saga_json "solutions": [ { "display": "Saga", "elasticSearch": { "nodeUrls": ["http://localhost:9200"], "indexName": "saga", "authentication":"aws", "service": "<aws_service>", "region": "<region_where_the_aws_service_is_located>", "timeout": 30, "delay": 5, "retries": 3 } } ]- Again notice the values of "service" and "region".
Related articles
| Content by Label | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
Overview
Content Tools