cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Likitha Shetty" <>
Subject Re: Review Request: [EC2 Query API] Remove the registration step since query API does not require the certificate.
Date Fri, 21 Dec 2012 13:00:07 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated Dec. 21, 2012, 1 p.m.)

Review request for cloudstack, Prachi Damle, Chiradeep Vittal, and Sebastien Goasguen.

Description (updated)

While checking if the user keys exists and also while retrieving the secret-key for signature
generation (Query API only), make a change to directly check in the 'cloud' DB instead of
the 'cloudbridge' DB.
With this change user will not require to register the keys before making EC2 Query API calls
against CS. The registration process to make EC2 SOAP API calls will remain the same.


  awsapi/src/com/cloud/bridge/model/ PRE-CREATION 
  awsapi/src/com/cloud/bridge/persist/dao/ PRE-CREATION 
  awsapi/src/com/cloud/bridge/persist/dao/ PRE-CREATION 
  awsapi/src/com/cloud/bridge/service/ 4f74873 


Testing (updated)

Manual testing done

Changed 'enable.ec2.api' flag value to true
Generated user api-key and secret-key using CS UI

1) Using python boto client established a connection to CS AWSAPI 
1. using the right keys,
    a. Made an ec2 api call - get_all_images() - Successfully returned the images
2. using the wrong api key, 
    a. Made an ec2 api call - get_all_images() - Returned error 'No secret key found for the
access key'
3. using the the wrong secret key,
    a. Made an ec2 api call - get_all_images() - Returned error 'Signature mismatch' 
2) Encrypted the DB and tried the above steps - Obtained the same results

3) Performed the registration required for SOAP calls using cloudstack-aws-api-register script
   Made ec2 soap api call - ec2_describe_images - Successfully returned the images


Likitha Shetty

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message