feat: Add support for assuming a role fix: deprecated Buffer() call #429
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fix Buffer() deprecation by using Buffer.from() and add option to use environment variable ES_ASSUME_ROLE_ARN to assume another role for the lambda, providing for cross-account access.
Remove debugging log statement
Tweak formatting a bit to reduce differences from fork master, leaving auto-removal of whitespaces where appropriate from lambda UI code formatting.
jrmuir
changed the title
|
@jrmuir Thanks for opening this PR! I realize that this is after the fact, but I only just now got around to creating contributing guidelines and making some changes to help enable open source contributions to this project. I'm going to close this PR for now as it doesn't meet the new guidelines. If you could please open an issue for discussion on this feature we can figure out what the best way to enable cross-account support and non-hosted AWS Elasticsearch would be; there is a related issue #325. Additionally, if you could please split up the fix for Buffer and this change into different PRs so that they can go in separately. Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I needed the ability to have this function assume a role to write to another account. Additionally I was noticing deprecation errors regarding Buffer() and saw a simple fix for that.
Changes:
Address new Buffer() deprecation by changing to Buffer.from().
There are a smattering of format changes - spaces removed, that sort of thing related to the lambda editor's UI function for format code.
Added promises to provide alternate credentials in the case of needing to assume a role.
Added function getCreds to determine if an alternate role was provided in the environment variables and if so provide those to the buildRequest function, otherwise provide the default role credentials. This facilitates cross-account access for ES log shipping to another AWS account, assuming a network connection is available and the function is allowed to assume the role in the other account.
Configured fuctions post and buildRequest to leverage promises to ensure alternate credentials are available at post time.
Open to any feedback or changes.
Thanks!
John