Signing the HTTP requests to proxy service - Text Analysis with Amazon OpenSearch Service (successor to Amazon Elasticsearch Service) and Amazon Comprehend

Signing the HTTP requests to proxy service

If you turn on the API access control, you must sign proxy API requests. This section shows an example of how to send signed HTTP requests to a proxy service endpoint using Amazon OpenSearch clients and other common libraries.

Note

For instruction on how to sign requests, refer to Signing HTTP Requests to Amazon OpenSearch Service in the Amazon OpenSearch Service Developer Guide. To sign the HTTP Requests to this solution’s proxy service, you must update the service name from es to execute-api.

You must also install the OpenSearch client for Python (opensearch-py) using pip. If you choose to use Requests, installing the requests-aws4auth, and AWS SDK for Python (Boto 3) packages can help simplify the authentication process.

From the terminal, run the following commands:

pip install boto3 pip install opensearch pip install requests pip install requests-aws4auth

The following sample code establishes a secure connection to the specified proxy endpoint and indexes a single document using the _index API. Note that you must provide values for proxy endpointregion, and host.

from opensearch import OpenSearch, RequestsHttpConnection from requests_aws4auth import AWS4Auth import boto3 proxy_endpoint = '' # For example, foo.execute-api.us-east-1.amazonaws.com/prod endpoint_parts = proxy_endpoint.split('/') host = endpoint_parts[0] # For example, foo.execute-api.us-east-1.amazonaws.com url_prefix = endpoint_parts[1] region= '' # us-east-1 service = 'execute-api' # IMPORTANT: this is key difference while signing the request for proxy endpoint. credentials = boto3.Session().get_credentials() awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service) client = OpenSearch( hosts = [{'host': host, 'url_prefix': url_prefix, 'port': 443}], http_auth = awsauth, use_ssl = True, verify_certs = True, connection_class = RequestsHttpConnection ) document = { "content": "Bob has been living in Seattle for more than ten years" } client.index(index="news", doc_type="_doc", id="5", body=document) print(client.get(index="news", doc_type="_doc", id="5"))

If you choose not to use opensearch-py, you can still make standard HTTP requests using the following code example. Note that you must provide values for proxy endpointregion, and host.

from requests_aws4auth import AWS4Auth import boto3 import requests proxy_endpoint = '' # https://foo.execute-api.us-east-1.amazonaws.com/prod/ path = '/transcript/_doc/6' # the OpenSearch API endpoint region = '' # For example, us-east-1 service = 'execute-api' # It is important to specify the service as ‘execute-api’ credentials = boto3.Session().get_credentials() awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service) url = proxy_endpoint + path # The JSON body to accompany the request (if necessary) payload = { "timestamp": "2018-04-26T09:17:12.917188", "transcript": "hi i'm calling to say how totally blase i am about your product it is a middle of the road effort if ever i have seen one thanks i guess do you have an issue no not at all just wanted to say that" } r = requests.put(url, auth=awsauth, json=payload) # requests.get, post, and delete have similar syntax print(r.text)