我尝试创建我的"Amazon Elasticsearch Service"的手动快照我找到了此文档,但在最后一步注册快照存储库时遇到问题。我搜索 .net 的解决方案,但此示例是一个 python 脚本,我找不到 .net 的解决方案
是否有可用于对 c# 请求进行签名的解决方案?
用于签署请求的 Phyton 脚本
from boto.connection import AWSAuthConnection
class ESConnection(AWSAuthConnection):
def __init__(self, region, **kwargs):
super(ESConnection, self).__init__(**kwargs)
self._set_auth_region_name(region)
self._set_auth_service_name("es")
def _required_auth_capability(self):
return ['hmac-v4']
if __name__ == "__main__":
client = ESConnection(
region='eu-west-1',
host='search-domain.eu-west-1.es.amazonaws.com',
profile_name='ifOtherThanDefault',
is_secure=False)
print 'Registering Snapshot Repository'
resp = client.make_request(method='PUT',
path='/_snapshot/es-index-backups',
data='{"type": "s3","settings": { "bucket": "my-es-snapshot-repo","region": "eu-west-1","role_arn": "arn:aws:iam::123456789012:role/es-snapshots-role"}}')
body = resp.read()
print body
C# 解决方案
var createRoleJson = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Sid"": """",
""Effect"": ""Allow"",
""Principal"": {
""Service"": ""es.amazonaws.com""
},
""Action"": ""sts:AssumeRole""
}
]
}
";
var createPolicyJson = @"{
""Version"":""2012-10-17"",
""Statement"":[
{
""Action"":[
""s3:ListBucket""
],
""Effect"":""Allow"",
""Resource"":[
""arn:aws:s3:::my-es-snapshot-repo""
]
},
{
""Action"":[
""s3:GetObject"",
""s3:PutObject"",
""s3:DeleteObject"",
""iam:PassRole""
],
""Effect"":""Allow"",
""Resource"":[
""arn:aws:s3:::my-es-snapshot-repo/*""
]
}
]
}";
Amazon Requests (AWSSDK.身份管理(
//Change the bucket to the correct bucket
var s3BucketName = "test.elasticsearch";
createPolicyJson = createPolicyJson.Replace("my-es-snapshot-repo", s3BucketName);
var awsCredentials = new BasicAWSCredentials("accessKey", "secretKey");
var client = new AmazonIdentityManagementServiceClient(awsCredentials, Amazon.RegionEndpoint.EUCentral1);
var createRoleRequest = new CreateRoleRequest
{
RoleName = "ElasticsearchSnapshotsRole",
AssumeRolePolicyDocument = createRoleJson
};
var createPolicyRequest = new CreatePolicyRequest
{
PolicyName = "ElasticsearchSnapshotAccess",
PolicyDocument = createPolicyJson
};
var responseCreateRole = client.CreateRole(createRoleRequest);
var responseCreatePolicy = client.CreatePolicy(createPolicyRequest);
var responseAttachRolePolicy = client.AttachRolePolicy(new AttachRolePolicyRequest { PolicyArn = responseCreatePolicy.Policy.Arn, RoleName = responseCreateRole.Role.RoleName });
您可以在此处找到有关创建签名 HTTP 请求的参考代码:https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CreateSignatureInCSharp.html
有关 AWS elasticsearch 手动快照过程的完整详细信息,请访问: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-managedomains-snapshots.html