AWS Request signing ignores the target port of service endpoint

Description

The target host port is ignored when a request to ES/Opensearch is converted to an AWS signed request. This results in request failure as without a port request is trying to reach nonexisting resource.

The issue only occurs when a port must explicitly be a part of an endpoint to a search engine, e.g.:

Possible scenarios when this might be a case:

using localstack
using ssh tunnel to access the AWS service

Activity

Show:

Yoann Rodière June 13, 2022 at 6:45 AM

Just wanted to clarify something:

This results in request failure as without a port request is trying to reach nonexisting resource.

The request being built in this module does not define the target, though; we just build a “canonical” request so that AWS SDK can build a hash and sign it.

So, the failure, if any, probably comes from the request being incomplete and the hash being incorrect, which result in an authentication error.

Fixed

Details
Assignee
Marko Bekhta
Reporter
Marko Bekhta
Fix versions
6.1.6.Final
6.2.0.Alpha1
Priority
Minor

Created June 9, 2022 at 9:02 PM

Updated July 4, 2022 at 7:01 AM

Resolved June 13, 2022 at 8:13 AM

Configure

AWS Request signing ignores the target port of service endpoint

Description

Activity

Yoann Rodière June 13, 2022 at 6:45 AM

DetailsAssigneeMarko BekhtaMarko BekhtaReporterMarko BekhtaMarko BekhtaFix versions6.1.6.Final6.2.0.Alpha1PriorityMinor

Details

Assignee

Reporter

Fix versions

Priority

Details
Assignee
Marko Bekhta
Reporter
Marko Bekhta
Fix versions
6.1.6.Final
6.2.0.Alpha1
Priority
Minor