HTTP proxy that signs requests for AWS service endpoints; e.g. Amazon Elasticsearch Service
This software is heavily inspired by coreos/aws-auth-proxy.
$ export AWS_ACCESS_KEY_ID=AKIAxxx
$ export AWS_SECRET_ACCESS_KEY=yyyyy
$ export AWS_REGION=ap-northeast-1$ aws-sign-proxy --service-name es --upstream-host search-zzz.ap-northeast-1.es.amazonaws.com
$ open http://localhost:8080/_plugin/kibanaDocker image is available at quay.io/dtan4/aws-sign-proxy.
$ docker run \
--rm \
--name aws-sign-proxy \
-e AWS_ACCESS_KEY_ID=AKIAxxx \
-e AWS_SECRET_ACCESS_KEY=yyyyy \
-e AWS_REGION=ap-northeast-1 \
-e AWS_SIGN_PROXY_SERVICE_NAME=es \
-e AWS_SIGN_PROXY_UPSTREAM_HOST=search-zzz.ap-northeast-1.es.amazonaws.com \
-p 8080:8080 \
quay.io/dtan4/aws-sign-proxy:latest| Environment variable | Flag | Description | Required | Default |
|---|---|---|---|---|
AWS_ACCESS_KEY_ID |
AWS access key ID | Required | ||
AWS_SECRET_ACCESS_KEY |
AWS secret access key | Required | ||
AWS_REGION |
--region |
AWS region | Required | |
AWS_SIGN_PROXY_SERVICE_NAME |
--service-name |
AWS service name (e.g. es) |
Required | |
AWS_SIGN_PROXY_UPSTREAM_HOST |
--upstream-host |
Upstream endpoint | Required | |
AWS_SIGN_PROXY_UPSTREAM_SCHEME |
--upstream-scheme |
Scheme for upstream endpoint | https |
|
AWS_SIGN_PROXY_LISTEN_ADDRESS |
--listen-address |
Address for proxy to listen on | :8080 |
Original coreos/aws-auth-proxy is released under Apache License Version 2.0.
This software is released under MIT License.
