I am able to set up an unauthenticated subscription to a topic without issues, both using the web console and via the golang sdk.
I have tried to add basic authentication to the endpoint, however I'm seeing some strange behaviour. When I set the endpoint https://username:password@x.example.com/path via the golang sdk, the credentials I get sent are username:****! The console list of subscriptions displays the endpoint as https://username:****@x.example.com/path, so it looks like it's using the display password as the actual one?
I attempted to do the same via the console. This displays the same endpoint (with redacted password), but the subscription confirmation request sends the correct credentials through. Once the subscription is confirmed though I am able to click through it in the console and it's displayed as https://username:password@x.example.com/**** - it's redacting the path and not the password! I have not yet sent any messages via the topic as I'm not set up for it easily to know if it works ok for notification messages, and I cannot click through an unconfirmed request to see how the sdk created subscription shows.
So, I think there are 2 issues - setting basic auth credentials from the (at least golang) sdk results in invalid passwords being set, and creating it via the console redacts the wrong information, leaking the endpoint password. Has anyone else seen similar behaviour? I'm going to include the security tag as it seems to me there is an attempt being made to redact the password from the console but it's failing.
AWS公式更新しました 3年前
