hlteoh37 commented on code in PR #1: URL: https://github.com/apache/flink-connector-prometheus/pull/1#discussion_r1751692587
########## flink-connector-prometheus-request-signer-amp/README.md: ########## @@ -0,0 +1,30 @@ +## Request Signer for Amazon Managed Prometheus (AMP) + +Request signer implementation for Amazon Managed Prometheus (AMP) + +The signer retrieves AWS credentials using `com.amazonaws.auth.DefaultAWSCredentialsProviderChain` and automatically +supports session credentials. + +The Flink application requires `RemoteWrite` permissions to the AMP workspace (e.g. `AmazonPromethusRemoteWriteAccess` +policy). + +### Sample usage + +To enable request signing for Amazon Managed Prometheus, and instance of `AmazonManagedPrometheusWriteRequestSigner` +must be provided when building the `PrometheusSink` instance. The only required parameters are the AWS region and the +AMP remote-write URL. + +```java + +// AWS region of the AMP workspace +String prometheusRegion = "us-east-1"; + +// Remote-Write URL of the AMP workspace +String prometheusRemoteWriteUrl = "https://aps-workspaces.us-east-1.amazonaws.com/workspaces/ws-091245678-9abc-def0-1234-56789abcdef0/api/v1/remote_write";; + +// Build the sink to AMP using the request signer +AsyncSinkBase<PrometheusTimeSeries, Types.TimeSeries> sink = PrometheusSink.builder() + .setPrometheusRemoteWriteUrl(prometheusRemoteWriteUrl) + .setRequestSigner(new AmazonManagedPrometheusWriteRequestSigner(prometheusRemoteWriteUrl, prometheusRegion)) Review Comment: LOVE how easy this interface is! :D ########## README.md: ########## @@ -2,12 +2,27 @@ This repository contains the official Apache Flink Prometheus connector. +* [More details](flink-connector-prometheus/README.md) about the connector and its usage. +* [Example application](flink-connector-prometheus/src/test/java/org/apache/flink/connector/prometheus/sink/examples/DataStreamExample.java) + demonstrating the usage of the connector. + ## Apache Flink Apache Flink is an open source stream processing framework with powerful stream- and batch-processing capabilities. Learn more about Flink at [https://flink.apache.org/](https://flink.apache.org/) +## Modules + +This repository contains the following modules + +* [Prometheus Connector](./flink-connector-prometheus): Flink Prometheus Connector implementation; supports optional + request signer +* [Sample application](./example-datastream-job): Sample application showing the usage of the connector with DataStream Review Comment: This needs to change. ########## flink-connector-prometheus-request-signer-amp/pom.xml: ########## @@ -0,0 +1,70 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> +<project xmlns="http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.apache.flink</groupId> + <artifactId>flink-connector-prometheus-parent</artifactId> + <version>1.0.0-SNAPSHOT</version> + </parent> + + <name>Flink : Connectors : Prometheus : Amazon Managed Prometheus Request Signer</name> + <artifactId>flink-connector-prometheus-request-signer-amp</artifactId> + + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + <aws.sdkv2.version>2.25.69</aws.sdkv2.version> + </properties> + + <dependencyManagement> + <dependencies> + <dependency> + <groupId>software.amazon.awssdk</groupId> + <artifactId>bom</artifactId> + <version>${aws.sdkv2.version}</version> Review Comment: nice! :D ########## flink-connector-prometheus-request-signer-amp/src/main/java/org/apache/flink/connector/prometheus/sink/aws/AmazonManagedPrometheusWriteRequestSigner.java: ########## @@ -0,0 +1,86 @@ +package org.apache.flink.connector.prometheus.sink.aws; + +import org.apache.flink.connector.prometheus.sink.PrometheusRequestSigner; +import org.apache.flink.util.Preconditions; + +import org.apache.commons.lang3.StringUtils; +import software.amazon.awssdk.auth.credentials.AwsCredentials; +import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; +import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider; + +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Map; + +/** Sign a Remote-Write request to Amazon Managed Service for Prometheus (AMP). */ +public class AmazonManagedPrometheusWriteRequestSigner implements PrometheusRequestSigner { + // Header names + private static final String X_AMZ_CONTENT_SHA_256 = "x-amz-content-sha256"; + private static final String AUTHORIZATION = "Authorization"; + + private final URL remoteWriteUrl; + private final String awsRegion; + + /** + * Creates a signer instance using DefaultAWSCredentialsProviderChain. + * + * @param remoteWriteUrl URL of the remote-write endpoint + * @param awsRegion Region of the AMP workspace + */ + public AmazonManagedPrometheusWriteRequestSigner(String remoteWriteUrl, String awsRegion) { + Preconditions.checkArgument( + StringUtils.isNotBlank(awsRegion), "Missing or blank AMP workspace region"); Review Comment: nit: we can phrase it something like `remoteWriteUrl cannot be null or empty` ########## flink-connector-prometheus-request-signer-amp/src/main/java/org/apache/flink/connector/prometheus/sink/aws/AmazonManagedPrometheusWriteRequestSigner.java: ########## @@ -0,0 +1,86 @@ +package org.apache.flink.connector.prometheus.sink.aws; + +import org.apache.flink.connector.prometheus.sink.PrometheusRequestSigner; +import org.apache.flink.util.Preconditions; + +import org.apache.commons.lang3.StringUtils; +import software.amazon.awssdk.auth.credentials.AwsCredentials; +import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; +import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider; + +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Map; + +/** Sign a Remote-Write request to Amazon Managed Service for Prometheus (AMP). */ +public class AmazonManagedPrometheusWriteRequestSigner implements PrometheusRequestSigner { + // Header names + private static final String X_AMZ_CONTENT_SHA_256 = "x-amz-content-sha256"; + private static final String AUTHORIZATION = "Authorization"; + + private final URL remoteWriteUrl; + private final String awsRegion; + + /** + * Creates a signer instance using DefaultAWSCredentialsProviderChain. + * + * @param remoteWriteUrl URL of the remote-write endpoint + * @param awsRegion Region of the AMP workspace + */ + public AmazonManagedPrometheusWriteRequestSigner(String remoteWriteUrl, String awsRegion) { + Preconditions.checkArgument( + StringUtils.isNotBlank(awsRegion), "Missing or blank AMP workspace region"); + Preconditions.checkNotNull( Review Comment: I think this is supposed to be `Preconditions.checkArgument(` . We should also have unit tests for this. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
