Reputation: 18186
Can't connect to Elasticsearch (access key & secret not being respected) when running under IIS
I'm using the ElasticClient C# class for connecting to an Elasticsearch instance hosted on AWS.
var pool = new SingleNodeConnectionPool(new Uri(Url));
var httpConnection = new AwsHttpConnection(Region);
var config = new ConnectionSettings(pool, httpConnection)
.PrettyJson()
.DisableDirectStreaming()
.DefaultTypeName(TYPE)
.DefaultIndex(INDEX);
_client = new ElasticClient(config);
For setting the access key and secret, I have a credentials file stored on my Windows computer here: C:\Users\{username}\.aws\credential. It has a "default" entry, so setting the profile name manually shouldn't be required. This is working fine when I run my ASP.NET Core web application with Launch set to Project.
However, as soon as I change to Launch: IIS...
...then the Elasticsearch connection fails. Whenever I try to execute a query, it errors:
Message=Invalid NEST response built from a unsuccessful low level call on POST: /{url1}/{url2}/_search?pretty=true&typed_keys=true
Audit trail of this API call:
- 1 BadRequest: Node: https://{url1}.us-east-1.es.amazonaws.com/ Took: 00:00:00.0090414
OriginalException: System.Net.Http.HttpRequestException: A socket operation was attempted to an unreachable network --->
System.Net.Sockets.SocketException: A socket operation was attempted to an unreachable network
The IIS website is running with an app pool set to use my Windows account. Clearly, it's ignoring the .aws credentials when running under IIS. I also tried creating profiles using the AWS Explorer Visual Studio 2017 extension, both "default" as well as a custom named one.
I tried installing the AWSSDK.Extensions.NETCore.Setup nuget package in my ASP.NET Core project, and specifying the custom named profile in appsettings.json, both like this:
"AWS": {
"Profile": "local-dev-profile",
"Region": "us-east-1"
}
And like this:
"AppSettings": {
"AWSProfileName": "local-dev-profile",
},
Neither works, I still get the same "A socket operation was attempted to an unreachable network" error. I've followed all of the AWS guides and feel like I'm doing this correctly, but it just won't work under IIS. Any help would be appreciated.
Upvotes: 0
Views: 1523
Answers (1)
Reputation: 18186
I was able to get this working, for some reason when running under IIS it doesn't pull in the access key and secret like it normally would, probably related to the magic that occurs in ASP.NET Core to run under IIS. I had to add the keys to my launchSettings.json file instead to get it to work in IIS (which gets copied as ENVIRONMENT_VARIABLES to the web.config.)
Here is what an IIS profile in launchSettings.json would look like:
"MobileApi IIS (DEV)": {
"commandName": "IIS",
"launchUrl": "{url}",
"environmentVariables": {
"AWS_SECRET_ACCESS_KEY": "{value}",
"AWS_ACCESS_KEY_ID": "{value}",
"ASPNETCORE_ENVIRONMENT": "Development"
},
"applicationUrl": "{url}"
},
Upvotes: 1
Related Questions
- ElasticSearch on local machine Windows 10 asking Username & Password
- .NET NEST client for Elasticsearch
- access elastic search using C# after setting up security
- Setting up Elasticsearch with right settings and configurations in windows servers for production use
- ElasticSearch .Net Nest issue with configuring indexSettings
- Authorization bearer token with NEST elasticsearch and C#
- ElasticSearch authentication error with ElasticCloud?
- ElasticSearch Nest Client cannot be found in .NET Core
- NEST 2.0 ElasticSearch2 and .NET C# WebAPI
- Elasticsearch.net client can't do basic search