1 Answer
- Newest
- Most votes
- Most comments
0
You can use Internal master user option. WIth this, the HTTP Basic Auth for direct ES API will work with a username password as well as Cognito integration will work seamlessly. (https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/fgac.html)
With the internal master user, The rest APIs and signing request will require username and password. See below for examples :
Rest :
curl --user 'username:Password01' https://vpc-testgranular01-xxxxxx.us-west-2.es.amazonaws.com
Signed Req:
es = Elasticsearch(
hosts = [{'host': host, 'port': 443}],
http_auth = ('username','Password01'),
use_ssl = True,
verify_certs = True,
connection_class = RequestsHttpConnection
)
The Cognito Kibana will work too without any issues. However if youchoose IAM for the master user and don't enable Amazon Cognito authentication, Kibana displays a nonfunctional sign-in page and basic auth will not work.
answered 4 years ago
Relevant content
- asked 9 months ago
- asked 6 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 months ago