logstash-input-s3-sns-sqs 1.4.6 → 1.4.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/lib/logstash/inputs/s3snssqs.rb +34 -12
  4. data/logstash-input-s3-sns-sqs.gemspec +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b306531064b4c30538ebf2825ad8ccd3cffc1723
4
- data.tar.gz: 3166705bd066e00607cfb5f8f6e0b5d810934ef2
3
+ metadata.gz: c857f29b851808997fb7403a5a1d4e71cd786e89
4
+ data.tar.gz: f2b27edba4192969a5c6e301ac6a19c0fabbeadf
5
5
  SHA512:
6
- metadata.gz: ee7ba71f4ed496dc0cc109ea1834d0da58d112c320fb6c8a80f33ee65ab9a1f0746976be6ad32f934c4f80f9a3c0688f94a64064f44d665bbce3f3d19bb699b0
7
- data.tar.gz: b614c2c3945819b6e95052f1770920d57b83d5afb9300836e6af1375b45c93c15c7117b14fdd33372edbe746cc796e5b967dc75b131b03d9eb0e7ba73cd65797
6
+ metadata.gz: a88ef9c5d505322a0639f5b77b74364ff64a9ea503ee969fad2389b38e82fa4064d9a5de85edd8767d80b0e8e9422a576e620831d63bee1c049da6e61137ab3d
7
+ data.tar.gz: 5a3fbe6296dbaee8a3c95d93ef6ba39f849326f1a138a95b949f351e4f570201b4af9a6db59899e90ef993b900a4a8f5cbc7d9587eb0420ee4df1561b46b766a
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ## 1.4.8
2
+ - Bufix: CF Metadata events Bug #7
3
+ - Feature: use aws-role for s3 client connection.
4
+ ## 1.4.7
5
+ Remove from rubygems.org
1
6
  ## 1.4.6
2
7
  - BugFix: jRuby > 2 : No return from block
3
8
  - BugFix: No exit on gzip error
data/lib/logstash/inputs/s3snssqs.rb CHANGED
@@ -114,6 +114,12 @@ class LogStash::Inputs::S3SNSSQS < LogStash::Inputs::Threadable
114
114
  # To run in multiple threads use this
115
115
  config :consumer_threads, :validate => :number, :default => 1
116
116
  config :temporary_directory, :validate => :string, :default => File.join(Dir.tmpdir, "logstash")
117
+ # The AWS IAM Role to assume, if any.
118
+ # This is used to generate temporary credentials typically for cross-account access.
119
+ # See https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html for more information.
120
+ config :s3_role_arn, :validate => :string
121
+ # Session name to use when assuming an IAM role
122
+ config :s3_role_session_name, :validate => :string, :default => "logstash"
117
123
 
118
124
 
119
125
  attr_reader :poller
@@ -148,13 +154,7 @@ class LogStash::Inputs::S3SNSSQS < LogStash::Inputs::Threadable
148
154
  aws_sqs_client = Aws::SQS::Client.new(aws_options_hash)
149
155
  queue_url = aws_sqs_client.get_queue_url({ queue_name: @queue, queue_owner_aws_account_id: @queue_owner_aws_account_id})[:queue_url]
150
156
  @poller = Aws::SQS::QueuePoller.new(queue_url, :client => aws_sqs_client)
151
- if s3_access_key_id and s3_secret_access_key
152
- @logger.debug("Using S3 Credentials from config", :ID => aws_options_hash.merge(:access_key_id => s3_access_key_id, :secret_access_key => s3_secret_access_key) )
153
- @s3_client = Aws::S3::Client.new(aws_options_hash.merge(:access_key_id => s3_access_key_id, :secret_access_key => s3_secret_access_key))
154
- else
155
- @s3_client = Aws::S3::Client.new(aws_options_hash)
156
- end
157
-
157
+ get_s3client
158
158
  @s3_resource = get_s3object
159
159
  rescue Aws::SQS::Errors::ServiceError => e
160
160
  @logger.error("Cannot establish connection to Amazon SQS", :error => e)
@@ -277,24 +277,22 @@ class LogStash::Inputs::S3SNSSQS < LogStash::Inputs::Threadable
277
277
  # The line need to go through the codecs to replace
278
278
  # unknown bytes in the log stream before doing a regexp match or
279
279
  # you will get a `Error: invalid byte sequence in UTF-8'
280
- local_decorate(event, key, folder, metadata, bucket)
281
- queue << event
280
+ local_decorate_and_queue(event, queue, key, folder, metadata, bucket)
282
281
  end
283
282
  end
284
283
  @logger.debug("end if file #{filename}")
285
284
  #@logger.info("event pre flush", :event => event)
286
285
  # #ensure any stateful codecs (such as multi-line ) are flushed to the queue
287
286
  instance_codec.flush do |event|
288
- local_decorate(event, key, folder, metadata, bucket)
287
+ local_decorate_and_queue(event, queue, key, folder, metadata, bucket)
289
288
  @logger.debug("We´e to flush an incomplete event...", :event => event)
290
- queue << event
291
289
  end
292
290
 
293
291
  return true
294
292
  end # def process_local_log
295
293
 
296
294
  private
297
- def local_decorate(event, key, folder, metadata, bucket)
295
+ def local_decorate_and_queue(event, queue, key, folder, metadata, bucket)
298
296
  if event_is_metadata?(event)
299
297
  @logger.debug('Event is metadata, updating the current cloudfront metadata', :event => event)
300
298
  update_metadata(metadata, event)
@@ -308,6 +306,7 @@ class LogStash::Inputs::S3SNSSQS < LogStash::Inputs::Threadable
308
306
  event.set("[@metadata][s3]", { "object_key" => key })
309
307
  event.set("[@metadata][s3]", { "bucket_name" => bucket })
310
308
  event.set("[@metadata][s3]", { "object_folder" => folder})
309
+ queue << event
311
310
  end
312
311
  end
313
312
 
@@ -367,11 +366,34 @@ class LogStash::Inputs::S3SNSSQS < LogStash::Inputs::Threadable
367
366
  end
368
367
  end
369
368
 
369
+
370
+ private
371
+ def get_s3client
372
+ if s3_access_key_id and s3_secret_access_key
373
+ @logger.debug("Using S3 Credentials from config", :ID => aws_options_hash.merge(:access_key_id => s3_access_key_id) )
374
+ @s3_client = Aws::S3::Client.new(aws_options_hash.merge(:access_key_id => s3_access_key_id, :secret_access_key => s3_secret_access_key))
375
+ elsif @s3_role_arn
376
+ @s3_client = Aws::S3::Client.new(aws_options_hash.merge!({ :credentials => s3_assume_role }))
377
+ @logger.debug("Using S3 Credentials from role", :s3client => @s3_client.inspect, :options => aws_options_hash.merge!({ :credentials => s3_assume_role }))
378
+ else
379
+ @s3_client = Aws::S3::Client.new(aws_options_hash)
380
+ end
381
+ end
382
+
370
383
  private
371
384
  def get_s3object
372
385
  s3 = Aws::S3::Resource.new(client: @s3_client)
373
386
  end
374
387
 
388
+ private
389
+ def s3_assume_role()
390
+ Aws::AssumeRoleCredentials.new(
391
+ client: Aws::STS::Client.new(region: @region),
392
+ role_arn: @s3_role_arn,
393
+ role_session_name: @s3_role_session_name
394
+ )
395
+ end
396
+
375
397
  private
376
398
  def event_is_metadata?(event)
377
399
  return false unless event.get("message").class == String
data/logstash-input-s3-sns-sqs.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'logstash-input-s3-sns-sqs'
3
- s.version = '1.4.6'
3
+ s.version = '1.4.8'
4
4
  s.licenses = ['Apache License (2.0)']
5
5
  s.summary = "Get logs from AWS s3 buckets as issued by an object-created event via sns -> sqs."
6
6
  s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-input-s3-sns-sqs
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.6
4
+ version: 1.4.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Christian Herweg
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-03-22 00:00:00.000000000 Z
11
+ date: 2018-03-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement