logstash-input-kinesis 2.0.10-java → 2.0.11-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/README.md +7 -1
- data/lib/logstash/inputs/kinesis.rb +19 -1
- data/lib/logstash/inputs/kinesis/version.rb +1 -1
- data/logstash-input-kinesis.gemspec +1 -0
- data/spec/inputs/kinesis_spec.rb +20 -0
- data/vendor/jar-dependencies/runtime-jars/com/amazonaws/aws-java-sdk-sts/1.11.414/aws-java-sdk-sts-1.11.414.jar +0 -0
- data/vendor/jar-dependencies/runtime-jars/com/amazonaws/jmespath-java/{1.11.400/jmespath-java-1.11.400.jar → 1.11.414/jmespath-java-1.11.414.jar} +0 -0
- data/vendor/jar-dependencies/runtime-jars/logstash-input-kinesis_jars.rb +4 -2
- metadata +5 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8b73933809822a3ae0d3dd18eea38e18cba4e7370092efd22729268d290c3424
|
|
4
|
+
data.tar.gz: 003f5c0a310e31efed2644b53bfccea4ec1b2713a391c434168f1cd507350467
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d60d1dd1700b0d219ae7b5d7c6d59d4b6f4e689a752fb2fe58cc9b218a762a1ba297eb1a91ab9ad2159071263afbac8ed983fbbeaf402836c27960a5c2548eac
|
|
7
|
+
data.tar.gz: c7c65d11674124af023a62763951630b1d3af0d63223c671c75ee44ee13292316a6555b2570f4577d6f4276e9b74b0a1240d27281b5539e97627226a8ecb2d20
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
## 2.0.11
|
|
2
|
+
- Added the ability to assume a role [#40](https://github.com/logstash-plugins/logstash-input-kinesis/pull/40)
|
|
3
|
+
|
|
1
4
|
## 2.0.10
|
|
2
5
|
- Added the ability to set additional settings exposed through KinesisClientLibConfiguration [#51](https://github.com/logstash-plugins/logstash-input-kinesis/pull/51)
|
|
3
6
|
|
data/README.md
CHANGED
|
@@ -48,7 +48,13 @@ This are the properties you can configure and what are the default values:
|
|
|
48
48
|
* **default value**: `nil`
|
|
49
49
|
* `profile`: The AWS profile name for authentication. This ensures that the `~/.aws/credentials` AWS auth provider is used. By default this is empty and the default chain will be used.
|
|
50
50
|
* **required**: false
|
|
51
|
-
|
|
51
|
+
* `role_arn`: The AWS role to assume. This can be used, for example, to access a Kinesis stream in a different AWS
|
|
52
|
+
account. This role will be assumed after the default credentials or profile credentials are created. By default
|
|
53
|
+
this is empty and a role will not be assumed.
|
|
54
|
+
* **required**: false
|
|
55
|
+
* `role_session_name`: Session name to use when assuming an IAM role. This is recorded in CloudTrail logs for example.
|
|
56
|
+
* **required**: false
|
|
57
|
+
* **default value**: `"logstash"`
|
|
52
58
|
* `initial_position_in_stream`: The value for initialPositionInStream. Accepts "TRIM_HORIZON" or "LATEST".
|
|
53
59
|
* **required**: false
|
|
54
60
|
* **default value**: `"TRIM_HORIZON"`
|
|
@@ -55,6 +55,14 @@ class LogStash::Inputs::Kinesis < LogStash::Inputs::Base
|
|
|
55
55
|
# Select AWS profile for input
|
|
56
56
|
config :profile, :validate => :string
|
|
57
57
|
|
|
58
|
+
# The AWS IAM Role to assume, if any.
|
|
59
|
+
# This is used to generate temporary credentials typically for cross-account access.
|
|
60
|
+
# See https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html for more information.
|
|
61
|
+
config :role_arn, :validate => :string
|
|
62
|
+
|
|
63
|
+
# Session name to use when assuming an IAM role
|
|
64
|
+
config :role_session_name, :validate => :string, :default => "logstash"
|
|
65
|
+
|
|
58
66
|
# Select initial_position_in_stream. Accepts TRIM_HORIZON or LATEST
|
|
59
67
|
config :initial_position_in_stream, :validate => ["TRIM_HORIZON", "LATEST"], :default => "TRIM_HORIZON"
|
|
60
68
|
|
|
@@ -85,6 +93,14 @@ class LogStash::Inputs::Kinesis < LogStash::Inputs::Base
|
|
|
85
93
|
else
|
|
86
94
|
creds = com.amazonaws.auth::DefaultAWSCredentialsProviderChain.new
|
|
87
95
|
end
|
|
96
|
+
|
|
97
|
+
# If a role ARN is set then assume the role as a new layer over the credentials already created
|
|
98
|
+
unless @role_arn.nil?
|
|
99
|
+
kinesis_creds = com.amazonaws.auth::STSAssumeRoleSessionCredentialsProvider.new(creds, @role_arn, @role_session_name)
|
|
100
|
+
else
|
|
101
|
+
kinesis_creds = creds
|
|
102
|
+
end
|
|
103
|
+
|
|
88
104
|
initial_position_in_stream = if @initial_position_in_stream == "TRIM_HORIZON"
|
|
89
105
|
KCL::InitialPositionInStream::TRIM_HORIZON
|
|
90
106
|
else
|
|
@@ -94,7 +110,9 @@ class LogStash::Inputs::Kinesis < LogStash::Inputs::Base
|
|
|
94
110
|
@kcl_config = KCL::KinesisClientLibConfiguration.new(
|
|
95
111
|
@application_name,
|
|
96
112
|
@kinesis_stream_name,
|
|
97
|
-
|
|
113
|
+
kinesis_creds, # credential provider for accessing the kinesis stream
|
|
114
|
+
creds, # credential provider for creating / accessing the dynamo table
|
|
115
|
+
creds, # credential provider for cloudwatch metrics
|
|
98
116
|
worker_id).
|
|
99
117
|
withInitialPositionInStream(initial_position_in_stream).
|
|
100
118
|
withRegionName(@region)
|
|
@@ -24,6 +24,7 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
|
|
25
25
|
spec.requirements << "jar 'com.amazonaws:amazon-kinesis-client', '1.9.2'"
|
|
26
26
|
spec.requirements << "jar 'com.amazonaws:aws-java-sdk-core', '1.11.414'"
|
|
27
|
+
spec.requirements << "jar 'com.amazonaws:aws-java-sdk-sts', '1.11.414'"
|
|
27
28
|
|
|
28
29
|
spec.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
|
29
30
|
|
data/spec/inputs/kinesis_spec.rb
CHANGED
|
@@ -26,6 +26,17 @@ RSpec.describe "inputs/kinesis" do
|
|
|
26
26
|
"profile" => "my-aws-profile"
|
|
27
27
|
}}
|
|
28
28
|
|
|
29
|
+
# Config hash to test assume role provider if role_arn is specified
|
|
30
|
+
let(:config_with_role_arn) {{
|
|
31
|
+
"application_name" => "my-processor",
|
|
32
|
+
"kinesis_stream_name" => "run-specs",
|
|
33
|
+
"codec" => codec,
|
|
34
|
+
"metrics" => metrics,
|
|
35
|
+
"checkpoint_interval_seconds" => 120,
|
|
36
|
+
"region" => "ap-southeast-1",
|
|
37
|
+
"role_arn" => "arn:aws:iam::???????????:role/my-role"
|
|
38
|
+
}}
|
|
39
|
+
|
|
29
40
|
# other config with LATEST as initial_position_in_stream
|
|
30
41
|
let(:config_with_latest) {{
|
|
31
42
|
"application_name" => "my-processor",
|
|
@@ -110,6 +121,15 @@ RSpec.describe "inputs/kinesis" do
|
|
|
110
121
|
expect(kinesis_with_profile.kcl_config.get_kinesis_credentials_provider.getClass.to_s).to eq("com.amazonaws.auth.profile.ProfileCredentialsProvider")
|
|
111
122
|
end
|
|
112
123
|
|
|
124
|
+
subject!(:kinesis_with_role_arn) { LogStash::Inputs::Kinesis.new(config_with_role_arn) }
|
|
125
|
+
|
|
126
|
+
it "uses STS for accessing the kinesis stream if role_arn is specified" do
|
|
127
|
+
kinesis_with_role_arn.register
|
|
128
|
+
expect(kinesis_with_role_arn.kcl_config.get_kinesis_credentials_provider.getClass.to_s).to eq("com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider")
|
|
129
|
+
expect(kinesis_with_role_arn.kcl_config.get_dynamo_db_credentials_provider.getClass.to_s).to eq("com.amazonaws.auth.DefaultAWSCredentialsProviderChain")
|
|
130
|
+
expect(kinesis_with_role_arn.kcl_config.get_cloud_watch_credentials_provider.getClass.to_s).to eq("com.amazonaws.auth.DefaultAWSCredentialsProviderChain")
|
|
131
|
+
end
|
|
132
|
+
|
|
113
133
|
subject!(:kinesis_with_latest) { LogStash::Inputs::Kinesis.new(config_with_latest) }
|
|
114
134
|
|
|
115
135
|
it "configures the KCL" do
|
|
Binary file
|
|
Binary file
|
|
@@ -2,16 +2,17 @@
|
|
|
2
2
|
begin
|
|
3
3
|
require 'jar_dependencies'
|
|
4
4
|
rescue LoadError
|
|
5
|
+
require 'com/amazonaws/aws-java-sdk-sts/1.11.414/aws-java-sdk-sts-1.11.414.jar'
|
|
5
6
|
require 'com/fasterxml/jackson/core/jackson-databind/2.6.7.1/jackson-databind-2.6.7.1.jar'
|
|
6
7
|
require 'com/fasterxml/jackson/core/jackson-core/2.6.7/jackson-core-2.6.7.jar'
|
|
7
8
|
require 'com/fasterxml/jackson/dataformat/jackson-dataformat-cbor/2.6.7/jackson-dataformat-cbor-2.6.7.jar'
|
|
8
9
|
require 'org/apache/httpcomponents/httpclient/4.5.5/httpclient-4.5.5.jar'
|
|
9
|
-
require 'com/amazonaws/jmespath-java/1.11.400/jmespath-java-1.11.400.jar'
|
|
10
10
|
require 'com/amazonaws/aws-java-sdk-s3/1.11.400/aws-java-sdk-s3-1.11.400.jar'
|
|
11
11
|
require 'com/google/guava/guava/18.0/guava-18.0.jar'
|
|
12
12
|
require 'commons-lang/commons-lang/2.6/commons-lang-2.6.jar'
|
|
13
13
|
require 'commons-logging/commons-logging/1.1.3/commons-logging-1.1.3.jar'
|
|
14
14
|
require 'joda-time/joda-time/2.8.1/joda-time-2.8.1.jar'
|
|
15
|
+
require 'com/amazonaws/jmespath-java/1.11.414/jmespath-java-1.11.414.jar'
|
|
15
16
|
require 'software/amazon/ion/ion-java/1.0.2/ion-java-1.0.2.jar'
|
|
16
17
|
require 'com/amazonaws/amazon-kinesis-client/1.9.2/amazon-kinesis-client-1.9.2.jar'
|
|
17
18
|
require 'com/amazonaws/aws-java-sdk-kinesis/1.11.400/aws-java-sdk-kinesis-1.11.400.jar'
|
|
@@ -26,16 +27,17 @@ rescue LoadError
|
|
|
26
27
|
end
|
|
27
28
|
|
|
28
29
|
if defined? Jars
|
|
30
|
+
require_jar 'com.amazonaws', 'aws-java-sdk-sts', '1.11.414'
|
|
29
31
|
require_jar 'com.fasterxml.jackson.core', 'jackson-databind', '2.6.7.1'
|
|
30
32
|
require_jar 'com.fasterxml.jackson.core', 'jackson-core', '2.6.7'
|
|
31
33
|
require_jar 'com.fasterxml.jackson.dataformat', 'jackson-dataformat-cbor', '2.6.7'
|
|
32
34
|
require_jar 'org.apache.httpcomponents', 'httpclient', '4.5.5'
|
|
33
|
-
require_jar 'com.amazonaws', 'jmespath-java', '1.11.400'
|
|
34
35
|
require_jar 'com.amazonaws', 'aws-java-sdk-s3', '1.11.400'
|
|
35
36
|
require_jar 'com.google.guava', 'guava', '18.0'
|
|
36
37
|
require_jar 'commons-lang', 'commons-lang', '2.6'
|
|
37
38
|
require_jar 'commons-logging', 'commons-logging', '1.1.3'
|
|
38
39
|
require_jar 'joda-time', 'joda-time', '2.8.1'
|
|
40
|
+
require_jar 'com.amazonaws', 'jmespath-java', '1.11.414'
|
|
39
41
|
require_jar 'software.amazon.ion', 'ion-java', '1.0.2'
|
|
40
42
|
require_jar 'com.amazonaws', 'amazon-kinesis-client', '1.9.2'
|
|
41
43
|
require_jar 'com.amazonaws', 'aws-java-sdk-kinesis', '1.11.400'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-input-kinesis
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.11
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Brian Palmer
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-01-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -99,7 +99,8 @@ files:
|
|
|
99
99
|
- vendor/jar-dependencies/runtime-jars/com/amazonaws/aws-java-sdk-kinesis/1.11.400/aws-java-sdk-kinesis-1.11.400.jar
|
|
100
100
|
- vendor/jar-dependencies/runtime-jars/com/amazonaws/aws-java-sdk-kms/1.11.400/aws-java-sdk-kms-1.11.400.jar
|
|
101
101
|
- vendor/jar-dependencies/runtime-jars/com/amazonaws/aws-java-sdk-s3/1.11.400/aws-java-sdk-s3-1.11.400.jar
|
|
102
|
-
- vendor/jar-dependencies/runtime-jars/com/amazonaws/
|
|
102
|
+
- vendor/jar-dependencies/runtime-jars/com/amazonaws/aws-java-sdk-sts/1.11.414/aws-java-sdk-sts-1.11.414.jar
|
|
103
|
+
- vendor/jar-dependencies/runtime-jars/com/amazonaws/jmespath-java/1.11.414/jmespath-java-1.11.414.jar
|
|
103
104
|
- vendor/jar-dependencies/runtime-jars/com/fasterxml/jackson/core/jackson-annotations/2.6.0/jackson-annotations-2.6.0.jar
|
|
104
105
|
- vendor/jar-dependencies/runtime-jars/com/fasterxml/jackson/core/jackson-core/2.6.7/jackson-core-2.6.7.jar
|
|
105
106
|
- vendor/jar-dependencies/runtime-jars/com/fasterxml/jackson/core/jackson-databind/2.6.7.1/jackson-databind-2.6.7.1.jar
|
|
@@ -138,6 +139,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
138
139
|
requirements:
|
|
139
140
|
- jar 'com.amazonaws:amazon-kinesis-client', '1.9.2'
|
|
140
141
|
- jar 'com.amazonaws:aws-java-sdk-core', '1.11.414'
|
|
142
|
+
- jar 'com.amazonaws:aws-java-sdk-sts', '1.11.414'
|
|
141
143
|
rubyforge_project:
|
|
142
144
|
rubygems_version: 2.6.13
|
|
143
145
|
signing_key:
|