Reputation: 41
How session.credentials() is useful for setting a connection in AWS?
I am using AWS Lambda to insert data into Amazon Elasticsearch Service.
To establish a connection with the Elasticsearch instance I am using boto3.session.get_credentials(). I wanted to understand how that can works as security measurement? Should not Elasticsearch instance have password or fixed access_key or something?
credentials = boto3.Session().get_credentials()
awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service, session_token=credentials.token)
es = Elasticsearch(
host=host,
port=portOfElasticsearch,
connection_class=RequestsHttpConnection,
http_auth=awsauth
)
Upvotes: 0
Views: 457
Answers (1)
Reputation: 4476
AWS Elasticsearch solution has some customization that allow authentication via IAM.
This means you will validate your connection using some IAM policy that allow you to connect on Elasticsearch.
That is why you have this: http_auth=awsauth
This code: boto3.session.get_credentials() get the current credential associated with your Lambda.
You didn't mention, but probably you have some role associated with your Lamda. This role has permission to connect on Elasticsearch.
Upvotes: 1
Related Questions
- AWS Session/Credentials/Auth
- Authentication and user creation on lambda serverless
- How to ssh into EC2 instance from lambda function
- When does a new python session in AWS is created?
- Authentication and aws lambda function
- What is difference in AWS lambda and AWS lambda proxy?
- How should I pass my s3 credentials to Python lambda function on AWS?
- AWS Lambda & MySQL Connection Handling
- How to (properly) use external credentials in an AWS Lambda function?
- How to setup AWS Credentials in Python