Configuring SugarCRM to use ElasticSearch with AWS Auth

After a bit of searching I didn't see this posted anywhere, and the official Sugar docs specify that the only allowed 'transport' values are 'http' or 'https'.

$sugar_config['full_text_engine']['Elastic'] = [
    'host' => '<host>',
    'port' => '9200',
    'transport' => 'AwsAuthV4',
    'aws_region' => '<region>', // Ex. us-east-1
    'aws_access_key_id' => '<key id>',
    'aws_secret_access_key' => '<access key>'
];

Verified to connect on Sugar Enterprise 8.0.x which ships with Elastica 6.0.1.

  • Hey John,

    I've been working with a new AWS ElasticSearch Service domain recently–you're right. The documentation is pretty much non-existent.

    After reading through the Elastica source code, it looks like it operates on one of `80` or `443` depending upon an SSL configuration option. SugarCRM is wrapping Elastica and I believe `port` is entirely ignored. Unfortunately, I believe `ssl` is also ignored at this time, and it forces operation on `80` only. I'm waiting to here back from support on this limitation:

    // This configuration only works for an AWS Search Domain Configured without SSL
    $sugar_config['full_text_engine']['Elastic'] = [
        'host' => '<host>', // Ex. vpc-your-es-domain-xxxxxyyyyyzzzzz.us-east-1.es.amazon.com
        'transport' => 'AwsAuthV4',
        'aws_region' => '<region>', // Ex. us-east-1
        'aws_access_key_id' => '<key id>',
        'aws_secret_access_key' => '<access key>'
    ];

    Initially, I was also running into a problem by copying the full host from AWS when the host here must not have a protocol attached, that is do not include 'http://' or 'https://', which I believe goes for all Elastic systems, but it was just too tempting to copy and paste from the AWS Console.