|
1 |
| -- [Getting Started with the OpenSearch Python Client](#getting-started-with-the-opensearch-python-client) |
| 1 | +- [Getting started with the OpenSearch Python client](#getting-started-with-the-opensearch-python-client) |
2 | 2 | - [Setup](#setup)
|
3 | 3 | - [Sample code](#sample-code)
|
4 | 4 | - [Creating a client](#creating-a-client)
|
|
9 | 9 | - [Searching for a document](#searching-for-a-document)
|
10 | 10 | - [Deleting a document](#deleting-a-document)
|
11 | 11 | - [Deleting an index](#deleting-an-index)
|
12 |
| - - [Making API Calls](#making-api-calls) |
13 |
| - - [Point in Time API](#point-in-time-api-calls) |
| 12 | + - [Making API calls](#making-api-calls) |
| 13 | + - [Point in time API](#point-in-time-api-calls) |
14 | 14 | - [Using plugins](#using-plugins)
|
15 | 15 | - [Alerting plugin](#alerting-plugin)
|
16 | 16 | - [**Searching for monitors**](#searching-for-monitors)
|
|
19 | 19 | - [**Creating a destination**](#creating-a-destination)
|
20 | 20 | - [**Getting alerts**](#getting-alerts)
|
21 | 21 | - [**Acknowledge alerts**](#acknowledge-alerts)
|
22 |
| - - [Using IAM credentials for authentication](#using-iam-credentials-for-authentication) |
| 22 | + - [Using different authentication methods](#using-different-authentication-methods) |
| 23 | + - [Using IAM credentials](#using-iam-credentials) |
23 | 24 | - [Pre-requisites to use `AWSV4SignerAuth`](#pre-requisites-to-use-awsv4signerauth)
|
| 25 | + - [Using Kerberos](#using-kerberos) |
24 | 26 |
|
25 |
| -# User guide of OpenSearch Python Client |
| 27 | +# User guide of OpenSearch Python client |
26 | 28 |
|
27 | 29 | ## Setup
|
28 | 30 |
|
@@ -193,9 +195,9 @@ response = client.indices.delete(
|
193 | 195 | print('\nDeleting index:')
|
194 | 196 | print(response)
|
195 | 197 | ```
|
196 |
| -## Making API Calls |
| 198 | +## Making API calls |
197 | 199 |
|
198 |
| -### Point in Time API |
| 200 | +### Point in time API |
199 | 201 |
|
200 | 202 | ```python
|
201 | 203 | # create a point in time on a index
|
@@ -378,13 +380,17 @@ query = {
|
378 | 380 | response = client.plugins.alerting.acknowledge_alert(query)
|
379 | 381 | print(response)
|
380 | 382 | ```
|
381 |
| -## Using IAM credentials for authentication |
| 383 | +## Using different authentication methods |
| 384 | + |
| 385 | +It is possible to use different methods for the authentication to OpenSearch. The parameters of `connection_class` and `http_auth` can be used for this. The following examples show how to authenticate using IAM credentials and using Kerberos. |
| 386 | + |
| 387 | +### Using IAM credentials |
382 | 388 |
|
383 | 389 | Refer the AWS documentation regarding usage of IAM credentials to sign requests to OpenSearch APIs - [Signing HTTP requests to Amazon OpenSearch Service.](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/request-signing.html#request-signing-python)
|
384 | 390 |
|
385 | 391 | Opensearch-py client library also provides an in-house IAM based authentication feature, `AWSV4SignerAuth` that will help users to connect to their opensearch clusters by making use of IAM roles.
|
386 | 392 |
|
387 |
| -#### Pre-requisites to use `AWSV4SignerAuth` |
| 393 | +##### Pre-requisites to use `AWSV4SignerAuth` |
388 | 394 | - Python version 3.6 or above,
|
389 | 395 | - Install [botocore](https://pypi.org/project/botocore/) using pip
|
390 | 396 |
|
@@ -428,4 +434,24 @@ response = client.search(
|
428 | 434 |
|
429 | 435 | print('\nSearch results:')
|
430 | 436 | print(response)
|
431 |
| -``` |
| 437 | +``` |
| 438 | + |
| 439 | +### Using Kerberos |
| 440 | + |
| 441 | +There are several python packages that provide Kerberos support over HTTP connections, such as [requests-kerberos](http://pypi.org/project/requests-kerberos) and [requests-gssapi](https://pypi.org/project/requests-gssapi). The following example shows how to setup the authentication. Note that some of the parameters, such as `mutual_authentication` might depend on the server settings. |
| 442 | + |
| 443 | +```python |
| 444 | + |
| 445 | +from opensearchpy import OpenSearch, RequestsHttpConnection |
| 446 | +from requests_kerberos import HTTPKerberosAuth, OPTIONAL |
| 447 | + |
| 448 | +client = OpenSearch( |
| 449 | + ['htps://...'], |
| 450 | + use_ssl=True, |
| 451 | + verify_certs=True, |
| 452 | + connection_class=RequestsHttpConnection, |
| 453 | + http_auth=HTTPKerberosAuth(mutual_authentication=OPTIONAL) |
| 454 | +) |
| 455 | + |
| 456 | +health = client.cluster.health() |
| 457 | +``` |
0 commit comments