use of software.amazon.awssdk.services.acm.AcmClient in project data-prepper by opensearch-project.
the class CertificateProviderFactory method getCertificateProvider.
public CertificateProvider getCertificateProvider() {
// ACM Cert for SSL takes preference
if (certificateProviderConfig.useAcmCertForSSL()) {
LOG.info("Using ACM certificate for SSL/TLS to setup trust store.");
final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
final ClientOverrideConfiguration clientConfig = ClientOverrideConfiguration.builder().retryPolicy(RetryMode.STANDARD).build();
final AcmClient awsCertificateManager = AcmClient.builder().region(Region.of(certificateProviderConfig.getAwsRegion())).credentialsProvider(credentialsProvider).overrideConfiguration(clientConfig).build();
return new ACMCertificateProvider(awsCertificateManager, certificateProviderConfig.getAcmCertificateArn(), certificateProviderConfig.getAcmCertIssueTimeOutMillis());
} else if (certificateProviderConfig.isSslCertFileInS3()) {
LOG.info("Using S3 to fetch certificate for SSL/TLS to setup trust store.");
final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
final S3Client s3Client = S3Client.builder().region(Region.of(certificateProviderConfig.getAwsRegion())).credentialsProvider(credentialsProvider).build();
return new S3CertificateProvider(s3Client, certificateProviderConfig.getSslKeyCertChainFile());
} else {
LOG.info("Using local file system to get certificate for SSL/TLS to setup trust store.");
return new FileCertificateProvider(certificateProviderConfig.getSslKeyCertChainFile());
}
}
use of software.amazon.awssdk.services.acm.AcmClient in project data-prepper by opensearch-project.
the class CertificateProviderFactory method getCertificateProvider.
public CertificateProvider getCertificateProvider() {
// ACM Cert for SSL takes preference
if (oTelMetricsSourceConfig.useAcmCertForSSL()) {
LOG.info("Using ACM certificate and private key for SSL/TLS.");
final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
final ClientOverrideConfiguration clientConfig = ClientOverrideConfiguration.builder().retryPolicy(RetryMode.STANDARD).build();
final AcmClient awsCertificateManager = AcmClient.builder().region(Region.of(oTelMetricsSourceConfig.getAwsRegion())).credentialsProvider(credentialsProvider).overrideConfiguration(clientConfig).build();
return new ACMCertificateProvider(awsCertificateManager, oTelMetricsSourceConfig.getAcmCertificateArn(), oTelMetricsSourceConfig.getAcmCertIssueTimeOutMillis(), oTelMetricsSourceConfig.getAcmPrivateKeyPassword());
} else if (oTelMetricsSourceConfig.isSslCertAndKeyFileInS3()) {
LOG.info("Using S3 to fetch certificate and private key for SSL/TLS.");
final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
final S3Client s3Client = S3Client.builder().region(Region.of(oTelMetricsSourceConfig.getAwsRegion())).credentialsProvider(credentialsProvider).build();
return new S3CertificateProvider(s3Client, oTelMetricsSourceConfig.getSslKeyCertChainFile(), oTelMetricsSourceConfig.getSslKeyFile());
} else {
LOG.info("Using local file system to get certificate and private key for SSL/TLS.");
return new FileCertificateProvider(oTelMetricsSourceConfig.getSslKeyCertChainFile(), oTelMetricsSourceConfig.getSslKeyFile());
}
}
use of software.amazon.awssdk.services.acm.AcmClient in project data-prepper by opensearch-project.
the class CertificateProviderFactory method getCertificateProvider.
public CertificateProvider getCertificateProvider() {
// ACM Cert for SSL takes preference
if (oTelTraceSourceConfig.useAcmCertForSSL()) {
LOG.info("Using ACM certificate and private key for SSL/TLS.");
final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
final ClientOverrideConfiguration clientConfig = ClientOverrideConfiguration.builder().retryPolicy(RetryMode.STANDARD).build();
final AcmClient awsCertificateManager = AcmClient.builder().region(Region.of(oTelTraceSourceConfig.getAwsRegion())).credentialsProvider(credentialsProvider).overrideConfiguration(clientConfig).build();
return new ACMCertificateProvider(awsCertificateManager, oTelTraceSourceConfig.getAcmCertificateArn(), oTelTraceSourceConfig.getAcmCertIssueTimeOutMillis(), oTelTraceSourceConfig.getAcmPrivateKeyPassword());
} else if (oTelTraceSourceConfig.isSslCertAndKeyFileInS3()) {
LOG.info("Using S3 to fetch certificate and private key for SSL/TLS.");
final AwsCredentialsProvider credentialsProvider = AwsCredentialsProviderChain.builder().addCredentialsProvider(DefaultCredentialsProvider.create()).build();
final S3Client s3Client = S3Client.builder().region(Region.of(oTelTraceSourceConfig.getAwsRegion())).credentialsProvider(credentialsProvider).build();
return new S3CertificateProvider(s3Client, oTelTraceSourceConfig.getSslKeyCertChainFile(), oTelTraceSourceConfig.getSslKeyFile());
} else {
LOG.info("Using local file system to get certificate and private key for SSL/TLS.");
return new FileCertificateProvider(oTelTraceSourceConfig.getSslKeyCertChainFile(), oTelTraceSourceConfig.getSslKeyFile());
}
}
Aggregations