
Example 1 with FileCertificateProvider

Use of com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider in project data-prepper by opensearch-project.

Class CertificateProviderFactory, method getCertificateProvider.

public CertificateProvider getCertificateProvider() {
    // ACM Cert for SSL takes preference
    if (oTelMetricsSourceConfig.useAcmCertForSSL()) {
        LOG.info("Using ACM certificate and private key for SSL/TLS.");
        final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
        final ClientOverrideConfiguration clientConfig = ClientOverrideConfiguration.builder().retryPolicy(RetryMode.STANDARD).build();
        final AcmClient awsCertificateManager = AcmClient.builder().region(Region.of(oTelMetricsSourceConfig.getAwsRegion())).credentialsProvider(credentialsProvider).overrideConfiguration(clientConfig).build();
        return new ACMCertificateProvider(awsCertificateManager, oTelMetricsSourceConfig.getAcmCertificateArn(), oTelMetricsSourceConfig.getAcmCertIssueTimeOutMillis(), oTelMetricsSourceConfig.getAcmPrivateKeyPassword());
    } else if (oTelMetricsSourceConfig.isSslCertAndKeyFileInS3()) {
        LOG.info("Using S3 to fetch certificate and private key for SSL/TLS.");
        final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
        final S3Client s3Client = S3Client.builder().region(Region.of(oTelMetricsSourceConfig.getAwsRegion())).credentialsProvider(credentialsProvider).build();
        return new S3CertificateProvider(s3Client, oTelMetricsSourceConfig.getSslKeyCertChainFile(), oTelMetricsSourceConfig.getSslKeyFile());
    } else {
        LOG.info("Using local file system to get certificate and private key for SSL/TLS.");
        return new FileCertificateProvider(oTelMetricsSourceConfig.getSslKeyCertChainFile(), oTelMetricsSourceConfig.getSslKeyFile());
    }
}
Also used: FileCertificateProvider (com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider), AcmClient (software.amazon.awssdk.services.acm.AcmClient), ACMCertificateProvider (com.amazon.dataprepper.plugins.certificate.acm.ACMCertificateProvider), ClientOverrideConfiguration (software.amazon.awssdk.core.client.config.ClientOverrideConfiguration), AwsCredentialsProvider (software.amazon.awssdk.auth.credentials.AwsCredentialsProvider), S3CertificateProvider (com.amazon.dataprepper.plugins.certificate.s3.S3CertificateProvider), S3Client (software.amazon.awssdk.services.s3.S3Client)

Example 2 with FileCertificateProvider

Use of com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider in project data-prepper by opensearch-project.

Class CertificateProviderFactory, method getCertificateProvider.

public CertificateProvider getCertificateProvider() {
    // ACM Cert for SSL takes preference
    if (oTelTraceSourceConfig.useAcmCertForSSL()) {
        LOG.info("Using ACM certificate and private key for SSL/TLS.");
        final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
        final ClientOverrideConfiguration clientConfig = ClientOverrideConfiguration.builder().retryPolicy(RetryMode.STANDARD).build();
        final AcmClient awsCertificateManager = AcmClient.builder().region(Region.of(oTelTraceSourceConfig.getAwsRegion())).credentialsProvider(credentialsProvider).overrideConfiguration(clientConfig).build();
        return new ACMCertificateProvider(awsCertificateManager, oTelTraceSourceConfig.getAcmCertificateArn(), oTelTraceSourceConfig.getAcmCertIssueTimeOutMillis(), oTelTraceSourceConfig.getAcmPrivateKeyPassword());
    } else if (oTelTraceSourceConfig.isSslCertAndKeyFileInS3()) {
        LOG.info("Using S3 to fetch certificate and private key for SSL/TLS.");
        final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
        final S3Client s3Client = S3Client.builder().region(Region.of(oTelTraceSourceConfig.getAwsRegion())).credentialsProvider(credentialsProvider).build();
        return new S3CertificateProvider(s3Client, oTelTraceSourceConfig.getSslKeyCertChainFile(), oTelTraceSourceConfig.getSslKeyFile());
    } else {
        LOG.info("Using local file system to get certificate and private key for SSL/TLS.");
        return new FileCertificateProvider(oTelTraceSourceConfig.getSslKeyCertChainFile(), oTelTraceSourceConfig.getSslKeyFile());
    }
}
Also used: FileCertificateProvider (com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider), AcmClient (software.amazon.awssdk.services.acm.AcmClient), ACMCertificateProvider (com.amazon.dataprepper.plugins.certificate.acm.ACMCertificateProvider), ClientOverrideConfiguration (software.amazon.awssdk.core.client.config.ClientOverrideConfiguration), AwsCredentialsProvider (software.amazon.awssdk.auth.credentials.AwsCredentialsProvider), S3CertificateProvider (com.amazon.dataprepper.plugins.certificate.s3.S3CertificateProvider), S3Client (software.amazon.awssdk.services.s3.S3Client)

Aggregations

ACMCertificateProvider (com.amazon.dataprepper.plugins.certificate.acm.ACMCertificateProvider): 2
FileCertificateProvider (com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider): 2
S3CertificateProvider (com.amazon.dataprepper.plugins.certificate.s3.S3CertificateProvider): 2
AwsCredentialsProvider (software.amazon.awssdk.auth.credentials.AwsCredentialsProvider): 2
ClientOverrideConfiguration (software.amazon.awssdk.core.client.config.ClientOverrideConfiguration): 2
AcmClient (software.amazon.awssdk.services.acm.AcmClient): 2
S3Client (software.amazon.awssdk.services.s3.S3Client): 2