Add vars in modules.d/aws.yml.disabled (#27454)

* Add vars in modules.d/aws.yml.disabled
* missing metadata
* rename bucket to bucket_arn

(cherry picked from commit b4ecc29)

# Conflicts:
#	filebeat/docs/modules/aws.asciidoc
#	x-pack/filebeat/input/awss3/acker.go
#	x-pack/filebeat/input/awss3/config.go
#	x-pack/filebeat/input/awss3/config_test.go
#	x-pack/filebeat/input/awss3/input.go
#	x-pack/filebeat/input/awss3/input_benchmark_test.go
#	x-pack/filebeat/input/awss3/input_integration_test.go
#	x-pack/filebeat/input/awss3/s3.go
#	x-pack/filebeat/input/awss3/s3_objects.go
#	x-pack/filebeat/input/awss3/s3_test.go
#	x-pack/filebeat/module/aws/_meta/docs.asciidoc
#	x-pack/filebeat/module/aws/cloudtrail/config/aws-s3.yml
#	x-pack/filebeat/module/aws/cloudtrail/manifest.yml
#	x-pack/filebeat/module/aws/cloudwatch/config/aws-s3.yml
#	x-pack/filebeat/module/aws/cloudwatch/manifest.yml
#	x-pack/filebeat/module/aws/ec2/config/aws-s3.yml
#	x-pack/filebeat/module/aws/ec2/manifest.yml
#	x-pack/filebeat/module/aws/elb/config/aws-s3.yml
#	x-pack/filebeat/module/aws/elb/manifest.yml
#	x-pack/filebeat/module/aws/s3access/config/aws-s3.yml
#	x-pack/filebeat/module/aws/s3access/manifest.yml
#	x-pack/filebeat/module/aws/vpcflow/config/input.yml
#	x-pack/filebeat/module/aws/vpcflow/manifest.yml

filebeat/docs/modules/aws.asciidoc

@@ -44,6 +44,12 @@ Example config:
   cloudtrail:
     enabled: false
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
+<<<<<<< HEAD
+=======
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+    #var.bucket_list_interval: 300s
+    #var.number_of_workers: 5
+>>>>>>> b4ecc29bb (Add vars in modules.d/aws.yml.disabled (#27454))
     #var.shared_credential_file: /etc/filebeat/aws_credentials
     #var.credential_profile_name: fb-aws
     #var.access_key_id: access_key_id
@@ -57,6 +63,12 @@ Example config:
   cloudwatch:
     enabled: false
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
+<<<<<<< HEAD
+=======
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+    #var.bucket_list_interval: 300s
+    #var.number_of_workers: 5
+>>>>>>> b4ecc29bb (Add vars in modules.d/aws.yml.disabled (#27454))
     #var.shared_credential_file: /etc/filebeat/aws_credentials
     #var.credential_profile_name: fb-aws
     #var.access_key_id: access_key_id
@@ -70,6 +82,12 @@ Example config:
   ec2:
     enabled: false
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
+<<<<<<< HEAD
+=======
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+    #var.bucket_list_interval: 300s
+    #var.number_of_workers: 5
+>>>>>>> b4ecc29bb (Add vars in modules.d/aws.yml.disabled (#27454))
     #var.shared_credential_file: /etc/filebeat/aws_credentials
     #var.credential_profile_name: fb-aws
     #var.access_key_id: access_key_id
@@ -83,6 +101,12 @@ Example config:
   elb:
     enabled: false
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
+<<<<<<< HEAD
+=======
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+    #var.bucket_list_interval: 300s
+    #var.number_of_workers: 5
+>>>>>>> b4ecc29bb (Add vars in modules.d/aws.yml.disabled (#27454))
     #var.shared_credential_file: /etc/filebeat/aws_credentials
     #var.credential_profile_name: fb-aws
     #var.access_key_id: access_key_id
@@ -96,6 +120,12 @@ Example config:
   s3access:
     enabled: false
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
+<<<<<<< HEAD
+=======
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+    #var.bucket_list_interval: 300s
+    #var.number_of_workers: 5
+>>>>>>> b4ecc29bb (Add vars in modules.d/aws.yml.disabled (#27454))
     #var.shared_credential_file: /etc/filebeat/aws_credentials
     #var.credential_profile_name: fb-aws
     #var.access_key_id: access_key_id
@@ -109,6 +139,12 @@ Example config:
   vpcflow:
     enabled: false
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
+<<<<<<< HEAD
+=======
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+    #var.bucket_list_interval: 300s
+    #var.number_of_workers: 5
+>>>>>>> b4ecc29bb (Add vars in modules.d/aws.yml.disabled (#27454))
     #var.shared_credential_file: /etc/filebeat/aws_credentials
     #var.credential_profile_name: fb-aws
     #var.access_key_id: access_key_id

x-pack/filebeat/filebeat.reference.yml

@@ -102,6 +102,15 @@ filebeat.modules:
     # AWS SQS queue url
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
 
+    # AWS S3 bucket arn
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+
+    # Bucket list interval on S3 bucket
+    #var.bucket_list_interval: 300s
+
+    # Number of workers on S3 bucket
+    #var.number_of_workers: 5
+
     # Process CloudTrail logs
     # default is true, set to false to skip Cloudtrail logs
     # var.process_cloudtrail_logs: false
@@ -154,6 +163,15 @@ filebeat.modules:
     # AWS SQS queue url
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
 
+    # AWS S3 bucket arn
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+
+    # Bucket list interval on S3 bucket
+    #var.bucket_list_interval: 300s
+
+    # Number of workers on S3 bucket
+    #var.number_of_workers: 5
+
     # Filename of AWS credential file
     # If not set "$HOME/.aws/credentials" is used on Linux/Mac
     # "%UserProfile%\.aws\credentials" is used on Windows
@@ -194,6 +212,15 @@ filebeat.modules:
     # AWS SQS queue url
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
 
+    # AWS S3 bucket arn
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+
+    # Bucket list interval on S3 bucket
+    #var.bucket_list_interval: 300s
+
+    # Number of workers on S3 bucket
+    #var.number_of_workers: 5
+
     # Filename of AWS credential file
     # If not set "$HOME/.aws/credentials" is used on Linux/Mac
     # "%UserProfile%\.aws\credentials" is used on Windows
@@ -234,6 +261,15 @@ filebeat.modules:
     # AWS SQS queue url
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
 
+    # AWS S3 bucket arn
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+
+    # Bucket list interval on S3 bucket
+    #var.bucket_list_interval: 300s
+
+    # Number of workers on S3 bucket
+    #var.number_of_workers: 5
+
     # Filename of AWS credential file
     # If not set "$HOME/.aws/credentials" is used on Linux/Mac
     # "%UserProfile%\.aws\credentials" is used on Windows
@@ -274,6 +310,15 @@ filebeat.modules:
     # AWS SQS queue url
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
 
+    # AWS S3 bucket arn
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+
+    # Bucket list interval on S3 bucket
+    #var.bucket_list_interval: 300s
+
+    # Number of workers on S3 bucket
+    #var.number_of_workers: 5
+
     # Filename of AWS credential file
     # If not set "$HOME/.aws/credentials" is used on Linux/Mac
     # "%UserProfile%\.aws\credentials" is used on Windows
@@ -314,6 +359,15 @@ filebeat.modules:
     # AWS SQS queue url
     #var.queue_url: https://sqs.myregion.amazonaws.com/123456/myqueue
 
+    # AWS S3 bucket arn
+    #var.bucket_arn: 'arn:aws:s3:::mybucket'
+
+    # Bucket list interval on S3 bucket
+    #var.bucket_list_interval: 300s
+
+    # Number of workers on S3 bucket
+    #var.number_of_workers: 5
+
     # Filename of AWS credential file
     # If not set "$HOME/.aws/credentials" is used on Linux/Mac
     # "%UserProfile%\.aws\credentials" is used on Windows

x-pack/filebeat/input/awss3/acker.go

@@ -0,0 +1,85 @@
+// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+// or more contributor license agreements. Licensed under the Elastic License;
+// you may not use this file except in compliance with the Elastic License.
+
+package awss3
+
+import (
+	"context"
+	"sync"
+
+	"github.com/elastic/beats/v7/libbeat/beat"
+	"github.com/elastic/beats/v7/libbeat/common/acker"
+)
+
+// eventACKTracker tracks the publishing state of S3 objects. Specifically
+// it tracks the number of message acknowledgements that are pending from the
+// output. It can be used to wait until all ACKs have been received for one or
+// more S3 objects.
+type eventACKTracker struct {
+	sync.Mutex
+	pendingACKs int64
+	ctx         context.Context
+	cancel      context.CancelFunc
+}
+
+func newEventACKTracker(ctx context.Context) *eventACKTracker {
+	ctx, cancel := context.WithCancel(ctx)
+	return &eventACKTracker{ctx: ctx, cancel: cancel}
+}
+
+// Add increments the number of pending ACKs.
+func (a *eventACKTracker) Add() {
+	a.Lock()
+	a.pendingACKs++
+	a.Unlock()
+}
+
+// ACK decrements the number of pending ACKs.
+func (a *eventACKTracker) ACK() {
+	a.Lock()
+	defer a.Unlock()
+
+	if a.pendingACKs <= 0 {
+		panic("misuse detected: negative ACK counter")
+	}
+
+	a.pendingACKs--
+	if a.pendingACKs == 0 {
+		a.cancel()
+	}
+}
+
+// Wait waits for the number of pending ACKs to be zero.
+// Wait must be called sequentially only after every expected
+// `Add` calls are made. Failing to do so could reset the pendingACKs
+// property to 0 and would results in Wait returning after additional
+// calls to `Add` are made without a corresponding `ACK` call.
+func (a *eventACKTracker) Wait() {
+	// If there were never any pending ACKs then cancel the context. (This can
+	// happen when a document contains no events or cannot be read due to an error).
+	a.Lock()
+	if a.pendingACKs == 0 {
+		a.cancel()
+	}
+	a.Unlock()
+
+	// Wait.
+	<-a.ctx.Done()
+}
+
+// newEventACKHandler returns a beat ACKer that can receive callbacks when
+// an event has been ACKed an output. If the event contains a private metadata
+// pointing to an eventACKTracker then it will invoke the trackers ACK() method
+// to decrement the number of pending ACKs.
+func newEventACKHandler() beat.ACKer {
+	return acker.ConnectionOnly(
+		acker.EventPrivateReporter(func(_ int, privates []interface{}) {
+			for _, private := range privates {
+				if ack, ok := private.(*eventACKTracker); ok {
+					ack.ACK()
+				}
+			}
+		}),
+	)
+}

x-pack/filebeat/input/awss3/config.go

@@ -22,7 +22,14 @@ type config struct {
 	VisibilityTimeout   time.Duration        `config:"visibility_timeout"`
 	FIPSEnabled         bool                 `config:"fips_enabled"`
 	MaxNumberOfMessages int                  `config:"max_number_of_messages"`
+<<<<<<< HEAD
 	QueueURL            string               `config:"queue_url" validate:"required"`
+=======
+	QueueURL            string               `config:"queue_url"`
+	BucketARN           string               `config:"bucket_arn"`
+	BucketListInterval  time.Duration        `config:"bucket_list_interval"`
+	NumberOfWorkers     int                  `config:"number_of_workers"`
+>>>>>>> b4ecc29bb (Add vars in modules.d/aws.yml.disabled (#27454))
 	AWSConfig           awscommon.ConfigAWS  `config:",inline"`
 	FileSelectors       []fileSelectorConfig `config:"file_selectors"`
 	ReaderConfig        readerConfig         `config:",inline"` // Reader options to apply when no file_selectors are used.
@@ -40,7 +47,28 @@ func defaultConfig() config {
 }
 
 func (c *config) Validate() error {
+<<<<<<< HEAD
 	if c.VisibilityTimeout <= 0 || c.VisibilityTimeout.Hours() > 12 {
+=======
+	if c.QueueURL == "" && c.BucketARN == "" {
+		return fmt.Errorf("queue_url or bucket_arn must provided")
+	}
+
+	if c.QueueURL != "" && c.BucketARN != "" {
+		return fmt.Errorf("queue_url <%v> and bucket_arn <%v> "+
+			"cannot be set at the same time", c.QueueURL, c.BucketARN)
+	}
+
+	if c.BucketARN != "" && c.BucketListInterval <= 0 {
+		return fmt.Errorf("bucket_list_interval <%v> must be greater than 0", c.BucketListInterval)
+	}
+
+	if c.BucketARN != "" && c.NumberOfWorkers <= 0 {
+		return fmt.Errorf("number_of_workers <%v> must be greater than 0", c.NumberOfWorkers)
+	}
+
+	if c.QueueURL != "" && (c.VisibilityTimeout <= 0 || c.VisibilityTimeout.Hours() > 12) {
+>>>>>>> b4ecc29bb (Add vars in modules.d/aws.yml.disabled (#27454))
 		return fmt.Errorf("visibility_timeout <%v> must be greater than 0 and "+
 			"less than or equal to 12h", c.VisibilityTimeout)
 	}