Incorporated review comments changes for opensearch-project#1985, ope…

…nsearch-project#2264 Signed-off-by: rajeshLovesToCode <[email protected]>
rajeshLovesToCode · May 11, 2023 · 1c35ca2 · 1c35ca2
1 parent f7abe8e
commit 1c35ca2
Show file tree

Hide file tree

Showing 25 changed files with 759 additions and 163 deletions.
diff --git a/data-prepper-plugins/opensearch-source/build.gradle b/data-prepper-plugins/opensearch-source/build.gradle
@@ -1,26 +1,14 @@
-plugins {
-    id 'java'
-}
-
-group 'org.opensearch.dataprepper'
-version '2.3.0-SNAPSHOT'
-
-repositories {
-    mavenCentral()
-}
-
+/*
+  * Copyright OpenSearch Contributors
+  * SPDX-License-Identifier: Apache-2.0
+  */
 dependencies {
     implementation project(path: ':data-prepper-api')
-    implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-csv'
-    implementation 'org.apache.httpcomponents.core5:httpcore5-h2:5.2.1'
-    implementation 'org.apache.httpcomponents.client5:httpclient5:5.2.1'
-    implementation group: 'com.googlecode.json-simple', name: 'json-simple', version: '1.1.1'
-    implementation "org.apache.commons:commons-lang3:3.12.0"
-    implementation group: 'org.opensearch.client', name: 'opensearch-rest-client', version: '2.6.0'
-    implementation 'org.opensearch.client:opensearch-java:2.4.0'
-    implementation 'software.amazon.awssdk:aws-sdk-java:2.17.148'
-    testImplementation 'org.junit.jupiter:junit-jupiter-api:5.8.1'
-    testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.8.1'
+    implementation 'com.fasterxml.jackson.core:jackson-databind'
+    implementation 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.14.2'
+    implementation 'software.amazon.awssdk:s3'
+    implementation 'software.amazon.awssdk:sts'
+    testImplementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-yaml'
 }
 
 test {

diff --git a/...g/opensearch/dataprepper/plugins/source/configuration/AwsAuthenticationConfiguration.java b/...g/opensearch/dataprepper/plugins/source/configuration/AwsAuthenticationConfiguration.java
diff --git a/...opensearch/dataprepper/plugins/source/configuration/SchedulingParameterConfiguration.java b/...opensearch/dataprepper/plugins/source/configuration/SchedulingParameterConfiguration.java
diff --git a/...in/java/org/opensearch/dataprepper/plugins/source/configuration/SortingConfiguration.java b/...in/java/org/opensearch/dataprepper/plugins/source/configuration/SortingConfiguration.java
diff --git a/...pper/plugins/source/OpenSearchSource.java → ...s/source/opensearch/OpenSearchSource.java b/...pper/plugins/source/OpenSearchSource.java → ...s/source/opensearch/OpenSearchSource.java
@@ -2,7 +2,7 @@
  * Copyright OpenSearch Contributors
  * SPDX-License-Identifier: Apache-2.0
  */
-package org.opensearch.dataprepper.plugins.source;
+package org.opensearch.dataprepper.plugins.source.opensearch;
 
 import org.opensearch.dataprepper.model.annotations.DataPrepperPlugin;
 import org.opensearch.dataprepper.model.annotations.DataPrepperPluginConstructor;

diff --git a/...source/OpenSearchSourceConfiguration.java → ...search/OpenSearchSourceConfiguration.java b/...source/OpenSearchSourceConfiguration.java → ...search/OpenSearchSourceConfiguration.java
@@ -2,16 +2,16 @@
  * Copyright OpenSearch Contributors
  * SPDX-License-Identifier: Apache-2.0
  */
-package org.opensearch.dataprepper.plugins.source;
+package org.opensearch.dataprepper.plugins.source.opensearch;
 
 import com.fasterxml.jackson.annotation.JsonProperty;
-import org.opensearch.dataprepper.plugins.source.configuration.ConnectionConfiguration;
-import org.opensearch.dataprepper.plugins.source.configuration.AwsAuthenticationConfiguration;
-import org.opensearch.dataprepper.plugins.source.configuration.IndexParametersConfiguration;
-import org.opensearch.dataprepper.plugins.source.configuration.QueryParameterConfiguration;
-import org.opensearch.dataprepper.plugins.source.configuration.SchedulingParameterConfiguration;
-import org.opensearch.dataprepper.plugins.source.configuration.RetryConfiguration;
-import org.opensearch.dataprepper.plugins.source.configuration.SearchConfiguration;
+import org.opensearch.dataprepper.plugins.source.opensearch.configuration.AwsAuthenticationConfiguration;
+import org.opensearch.dataprepper.plugins.source.opensearch.configuration.ConnectionConfiguration;
+import org.opensearch.dataprepper.plugins.source.opensearch.configuration.IndexParametersConfiguration;
+import org.opensearch.dataprepper.plugins.source.opensearch.configuration.QueryParameterConfiguration;
+import org.opensearch.dataprepper.plugins.source.opensearch.configuration.SchedulingParameterConfiguration;
+import org.opensearch.dataprepper.plugins.source.opensearch.configuration.RetryConfiguration;
+import org.opensearch.dataprepper.plugins.source.opensearch.configuration.SearchConfiguration;
 
 
 import java.util.Map;
@@ -69,4 +69,7 @@ public Map<String, String> getIndexNames() {
         return indexNames;
     }
 
+    public RetryConfiguration getRetryConfiguration() {
+        return retryConfiguration;
+    }
 }
diff --git a/...h/dataprepper/plugins/source/opensearch/configuration/AwsAuthenticationConfiguration.java b/...h/dataprepper/plugins/source/opensearch/configuration/AwsAuthenticationConfiguration.java
@@ -0,0 +1,97 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.dataprepper.plugins.source.opensearch.configuration;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.validation.constraints.Size;
+import software.amazon.awssdk.arns.Arn;
+import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
+import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.sts.StsClient;
+import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider;
+import software.amazon.awssdk.services.sts.model.AssumeRoleRequest;
+
+import java.util.Map;
+import java.util.Optional;
+import java.util.UUID;
+
+public class AwsAuthenticationConfiguration {
+    private static final String AWS_IAM_ROLE = "role";
+    private static final String AWS_IAM = "iam";
+
+    @JsonProperty("region")
+    @Size(min = 1, message = "Region cannot be empty string")
+    private String awsRegion;
+
+    @JsonProperty("sts_role_arn")
+    @Size(min = 20, max = 2048, message = "awsStsRoleArn length should be between 1 and 2048 characters")
+    private String awsStsRoleArn;
+
+    @JsonProperty("sts_header_overrides")
+    @Size(max = 5, message = "sts_header_overrides supports a maximum of 5 headers to override")
+    private Map<String, String> awsStsHeaderOverrides;
+
+    private void validateStsRoleArn() {
+        final Arn arn = getArn();
+        if (!AWS_IAM.equals(arn.service())) {
+            throw new IllegalArgumentException("sts_role_arn must be an IAM Role");
+        }
+        final Optional<String> resourceType = arn.resource().resourceType();
+        if (resourceType.isEmpty() || !resourceType.get().equals(AWS_IAM_ROLE)) {
+            throw new IllegalArgumentException("sts_role_arn must be an IAM Role");
+        }
+    }
+
+    private Arn getArn() {
+        try {
+            return Arn.fromString(awsStsRoleArn);
+        } catch (final Exception e) {
+            throw new IllegalArgumentException(String.format("Invalid ARN format for awsStsRoleArn. Check the format of %s", awsStsRoleArn));
+        }
+    }
+
+    public String getAwsStsRoleArn() {
+        return awsStsRoleArn;
+    }
+
+    public Region getAwsRegion() {
+        return awsRegion != null ? Region.of(awsRegion) : null;
+    }
+
+    public AwsCredentialsProvider authenticateAwsConfiguration() {
+
+        final AwsCredentialsProvider awsCredentialsProvider;
+        if (awsStsRoleArn != null && !awsStsRoleArn.isEmpty()) {
+
+            validateStsRoleArn();
+
+            final StsClient stsClient = StsClient.builder()
+                    .region(getAwsRegion())
+                    .build();
+
+            AssumeRoleRequest.Builder assumeRoleRequestBuilder = AssumeRoleRequest.builder()
+                    .roleSessionName("S3-Source-" + UUID.randomUUID())
+                    .roleArn(awsStsRoleArn);
+            if(awsStsHeaderOverrides != null && !awsStsHeaderOverrides.isEmpty()) {
+                assumeRoleRequestBuilder = assumeRoleRequestBuilder
+                        .overrideConfiguration(configuration -> awsStsHeaderOverrides.forEach(configuration::putHeader));
+            }
+
+            awsCredentialsProvider = StsAssumeRoleCredentialsProvider.builder()
+                    .stsClient(stsClient)
+                    .refreshRequest(assumeRoleRequestBuilder.build())
+                    .build();
+
+        } else {
+            // use default credential provider
+            awsCredentialsProvider = DefaultCredentialsProvider.create();
+        }
+
+        return awsCredentialsProvider;
+    }
+}
+
diff --git a/...onfiguration/ConnectionConfiguration.java → ...onfiguration/ConnectionConfiguration.java b/...onfiguration/ConnectionConfiguration.java → ...onfiguration/ConnectionConfiguration.java
@@ -2,7 +2,7 @@
  * Copyright OpenSearch Contributors
  * SPDX-License-Identifier: Apache-2.0
  */
-package org.opensearch.dataprepper.plugins.source.configuration;
+package org.opensearch.dataprepper.plugins.source.opensearch.configuration;
 
 import com.fasterxml.jackson.annotation.JsonProperty;
 import jakarta.validation.constraints.NotNull;
@@ -33,27 +33,27 @@ public class ConnectionConfiguration {
   @JsonProperty("insecure")
   private boolean insecure;
 
-  List<String> getHosts() {
+  public List<String> getHosts() {
     return hosts;
   }
 
-  String getUsername() {
+  public String getUsername() {
     return username;
   }
 
-  String getPassword() {
+  public String getPassword() {
     return password;
   }
 
-  Path getCertPath() {
+  public Path getCertPath() {
     return certPath;
   }
 
-  Integer getSocketTimeout() {
+  public Integer getSocketTimeout() {
     return socketTimeout;
   }
 
-  Integer getConnectTimeout() {
+  public Integer getConnectTimeout() {
     return connectTimeout;
   }
 

diff --git a/...uration/IndexParametersConfiguration.java → ...uration/IndexParametersConfiguration.java b/...uration/IndexParametersConfiguration.java → ...uration/IndexParametersConfiguration.java
@@ -3,7 +3,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-package org.opensearch.dataprepper.plugins.source.configuration;
+package org.opensearch.dataprepper.plugins.source.opensearch.configuration;
 
 import com.fasterxml.jackson.annotation.JsonProperty;
 import java.util.List;

diff --git a/...guration/QueryParameterConfiguration.java → ...guration/QueryParameterConfiguration.java b/...guration/QueryParameterConfiguration.java → ...guration/QueryParameterConfiguration.java
@@ -3,7 +3,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-package org.opensearch.dataprepper.plugins.source.configuration;
+package org.opensearch.dataprepper.plugins.source.opensearch.configuration;
 
 import com.fasterxml.jackson.annotation.JsonProperty;
 import java.util.List;

diff --git a/...rce/configuration/RetryConfiguration.java → ...rch/configuration/RetryConfiguration.java b/...rce/configuration/RetryConfiguration.java → ...rch/configuration/RetryConfiguration.java
@@ -3,7 +3,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-package org.opensearch.dataprepper.plugins.source.configuration;
+package org.opensearch.dataprepper.plugins.source.opensearch.configuration;
 
 import com.fasterxml.jackson.annotation.JsonProperty;