[
https://issues.apache.org/jira/browse/NIFI-5456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16595433#comment-16595433
]
ASF GitHub Bot commented on NIFI-5456:
--------------------------------------
Github user joewitt commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2968#discussion_r213431435
--- Diff:
nifi-nar-bundles/nifi-aws-bundle/nifi-aws-abstract-processors/src/main/java/org/apache/nifi/processors/aws/AbstractAWSProcessor.java
---
@@ -286,7 +286,7 @@ protected void
initializeRegionAndEndpoint(ProcessContext context) {
final String urlstr =
StringUtils.trimToEmpty(context.getProperty(ENDPOINT_OVERRIDE).evaluateAttributeExpressions().getValue());
if (!urlstr.isEmpty()) {
getLogger().info("Overriding endpoint with {}", new
Object[]{urlstr});
- this.client.setEndpoint(urlstr);
+ this.client.setEndpoint(urlstr,
this.client.getServiceName(), this.region.getName());
--- End diff --
these values will always be present? We dont have to guard from them being
null/undefined/different than the API being called expects?
> PutKinesisStream - Fails to work with AWS Private Link endpoint
> ---------------------------------------------------------------
>
> Key: NIFI-5456
> URL: https://issues.apache.org/jira/browse/NIFI-5456
> Project: Apache NiFi
> Issue Type: Bug
> Affects Versions: 1.6.0, 1.7.1
> Environment: RedHat 6
> Reporter: Ariel Godinez
> Assignee: Sivaprasanna Sethuraman
> Priority: Major
> Labels: easyfix
> Attachments:
> 0001-NIFI-5456-AWS-clients-now-work-with-private-link-end.patch
>
>
> NiFi version: 1.6.0
> PutKinesisStream fails to put due to invalid signing information when using
> an AWS Private Link as the endpoint override URL. The endpoint override URL
> pattern for private links is like below along with the error that NiFi
> outputs when we attempt to use this type of URL as the 'Endpoint Override
> URL' property value.
> Endpoint Override URL:
> [https://vpce-|https://vpce-/]<AWS_GENERATED_ALPHA_NUMERIC>.kinesis.us-east-2.vpce.amazonaws.com
> ERROR [Timer-Driven Process Thread-11] "o.a.n.p.a.k.stream.PutKinesisStream"
> PutKinesisStream[id=4c314e25-0164-1000-ffff-ffff9bd79c77] Failed to publish
> due to exception com.amazonaws.services.kinesis.model.AmazonKinesisException:
> Credential should be scoped to a valid region, not 'vpce'. (Service:
> AmazonKinesis; Status Code: 400; Error Code: InvalidSignatureException;
> Request ID: 6330b83c-a64e-4acf-b892-a505621cf78e) flowfiles
> [StandardFlowFileRecord[uuid=ba299cec-7cbf-4750-a766-c348b5cd9c73,claim=StandardContentClaim
> [resourceClaim=StandardResourceClaim[id=1532469012962-1,
> container=content002, section=1], offset=2159750,
> length=534625],offset=0,name=900966573101260,size=534625]]
>
> It looks like 'vpce' is being extracted from the url as the region name when
> it should be getting 'us-east-2'. We were able to get this processor to work
> correctly by explicitly passing in the region and service using
> 'setEndpoint(String endpoint, String serviceName, String regionId)' instead
> of 'setEndpoint(String endpoint)' in
> 'nifi/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-abstract-processors/src/main/java/org/apache/nifi/processors/aws/AbstractAWSProcessor.java'
> line 289
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
