AWS Elasticsearch Service - 手动快照到S3

时间:2017-03-29 13:25:24

标签: c# amazon-web-services elasticsearch amazon-s3

我尝试创建“Amazon Elasticsearch Service”的手动快照 我找到了这个documentation,但我在最后一步注册快照存储库时遇到了问题。我搜索.net的解决方案,但这个例子是一个python脚本,我找不到.net

的解决方案

是否有可用于签署c#请求的解决方案?

用于签署请求的phyton脚本 

from boto.connection import AWSAuthConnection

class ESConnection(AWSAuthConnection):

    def __init__(self, region, **kwargs):
        super(ESConnection, self).__init__(**kwargs)
        self._set_auth_region_name(region)
        self._set_auth_service_name("es")

    def _required_auth_capability(self):
        return ['hmac-v4']

if __name__ == "__main__":

    client = ESConnection(
            region='eu-west-1',
            host='search-domain.eu-west-1.es.amazonaws.com',
            profile_name='ifOtherThanDefault',
            is_secure=False)

    print 'Registering Snapshot Repository'
    resp = client.make_request(method='PUT',
            path='/_snapshot/es-index-backups',
            data='{"type": "s3","settings": { "bucket": "my-es-snapshot-repo","region": "eu-west-1","role_arn": "arn:aws:iam::123456789012:role/es-snapshots-role"}}')
    body = resp.read()
    print body

C#解决方案 

var createRoleJson = @"{
  ""Version"": ""2012-10-17"",
  ""Statement"": [
    {
      ""Sid"": """",
      ""Effect"": ""Allow"",
      ""Principal"": {
        ""Service"": ""es.amazonaws.com""
      },
      ""Action"": ""sts:AssumeRole""
    }
  ]
}
";

var createPolicyJson = @"{
    ""Version"":""2012-10-17"",
    ""Statement"":[
        {
            ""Action"":[
                ""s3:ListBucket""
            ],
            ""Effect"":""Allow"",
            ""Resource"":[
                ""arn:aws:s3:::my-es-snapshot-repo""
            ]
        },
        {
            ""Action"":[
                ""s3:GetObject"",
                ""s3:PutObject"",
                ""s3:DeleteObject"",
                ""iam:PassRole""
            ],
            ""Effect"":""Allow"",
            ""Resource"":[
                ""arn:aws:s3:::my-es-snapshot-repo/*""
            ]
        }
    ]
}";

Amazon Requests(AWSSDK.IdentityManagement)

//Change the bucket to the correct bucket
var s3BucketName = "test.elasticsearch";
createPolicyJson = createPolicyJson.Replace("my-es-snapshot-repo", s3BucketName);


var awsCredentials = new BasicAWSCredentials("accessKey", "secretKey");
var client = new AmazonIdentityManagementServiceClient(awsCredentials, Amazon.RegionEndpoint.EUCentral1);

var createRoleRequest = new CreateRoleRequest
{
    RoleName = "ElasticsearchSnapshotsRole",
    AssumeRolePolicyDocument = createRoleJson
};

var createPolicyRequest = new CreatePolicyRequest
{
    PolicyName = "ElasticsearchSnapshotAccess",
    PolicyDocument = createPolicyJson
};

var responseCreateRole = client.CreateRole(createRoleRequest);
var responseCreatePolicy = client.CreatePolicy(createPolicyRequest);
var responseAttachRolePolicy = client.AttachRolePolicy(new AttachRolePolicyRequest { PolicyArn = responseCreatePolicy.Policy.Arn, RoleName = responseCreateRole.Role.RoleName });

1 个答案:

答案 0 :(得分:0)

您可以在此处找到有关创建签名 HTTP 请求的参考代码: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CreateSignatureInCSharp.html

AWS elasticsearch 的手动快照过程的完整详细信息可以在:https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-managedomains-snapshots.html

相关问题
最新问题