From cf7766be363d1d8610ed477f05b370c05ff7b0ba Mon Sep 17 00:00:00 2001 From: Sasha Klizhentas Date: Sat, 9 Feb 2019 14:39:18 -0800 Subject: [PATCH] Allow S3 buckets in different regions, implements #2007 This commit allows additional configuration for the `audit_sessions_uri` parameter: `audit_sessions_uri: s3://example.com/path?region=us-east-1` Additional query parameter `region` will override default `audit` section `region` if set. --- constants.go | 3 +++ lib/events/s3sessions/s3handler.go | 2 +- lib/service/service.go | 6 +++++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/constants.go b/constants.go index 20456fdee17bc..6bf236515e815 100644 --- a/constants.go +++ b/constants.go @@ -277,6 +277,9 @@ const ( // storage SchemeS3 = "s3" + // Region is AWS region parameter + Region = "region" + // SchemeFile is a local disk file storage SchemeFile = "file" diff --git a/lib/events/s3sessions/s3handler.go b/lib/events/s3sessions/s3handler.go index ff1bf0fafc11a..f4011024fcb4a 100644 --- a/lib/events/s3sessions/s3handler.go +++ b/lib/events/s3sessions/s3handler.go @@ -88,7 +88,7 @@ func NewHandler(cfg Config) (*Handler, error) { client: s3.New(cfg.Session), } start := time.Now() - h.Infof("Setting up bucket %q.", h.Bucket) + h.Infof("Setting up bucket %q, sessions path %q in region %q.", h.Bucket, h.Path, h.Region) if err := h.ensureBucket(); err != nil { return nil, trace.Wrap(err) } diff --git a/lib/service/service.go b/lib/service/service.go index 7e1874575f4b5..12e0c9fe2be6e 100644 --- a/lib/service/service.go +++ b/lib/service/service.go @@ -730,9 +730,13 @@ func initUploadHandler(auditConfig services.AuditConfig) (events.UploadHandler, switch uri.Scheme { case teleport.SchemeS3: + region := auditConfig.Region + if uriRegion := uri.Query().Get(teleport.Region); uriRegion != "" { + region = uriRegion + } handler, err := s3sessions.NewHandler(s3sessions.Config{ Bucket: uri.Host, - Region: auditConfig.Region, + Region: region, Path: uri.Path, }) if err != nil {