WORKERS AHEAD!
You are viewing the development documentation for the Apereo CAS server. The functionality presented here is not officially released yet. This is a work in progress and will be continually updated as development moves forward. You are most encouraged to test the changes presented.
AWS SQS Logging
Log data can be automatically routed to AWS SQS. Support is enabled by including the following module in the overlay:
<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-logging-config-sqs</artifactId>
    <version>${cas.version}</version>
</dependency>
implementation "org.apereo.cas:cas-server-support-logging-config-sqs:${project.'cas.version'}"
dependencyManagement {
    imports {
        mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
    }
}
dependencies {
    implementation "org.apereo.cas:cas-server-support-logging-config-sqs"
}
dependencies {
    /*
    The following platform references should be included automatically and are listed here for reference only.
    implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
    implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
    */
    implementation "org.apereo.cas:cas-server-support-logging-config-sqs"
}
With the above module, you may then declare a specific appender to communicate with AWS SQS:
<SQSAppender name="SQSAppender"
             region="us-west-1"
             credentialAccessKey="..."
             credentialSecretKey="..."
             queueName="CAS"
             endpoint="..."
             queueTags="tag1->value1,tag2->value2">
    <PatternLayout>
        <Pattern>%5p | %d{ISO8601}{UTC} | %t | %C | %M:%L | %m %ex %n</Pattern>
    </PatternLayout>
</SQSAppender>
...
<Logger name="org.apereo.cas" level="trace" additivity="false">
    <AppenderRef ref="SQSAppender"/>
</Logger>
The endpoint setting is optional. If the SQS queue indicated by queueName does not exist, it will be automatically
created by CAS when the appender is initialized and started.
AWS credentials are fetched from the following sources automatically, where relevant and made possible via CAS configuration:
- EC2 instance metadata linked to the IAM role.
- External properties file that contains accessKey and secretKey as property keys.
- AWS profile path and profile name.
- System properties that include aws.accessKeyId, aws.secretKey and aws.sessionToken.
- Environment variables that include AWS_ACCESS_KEY_ID, AWS_SECRET_KEY and AWS_SESSION_TOKEN.
- Properties file on the classpath as awscredentials.properties that contains accessKey and secretKey as property keys.
- Static credentials for access key and secret provided directly by the configuration at hand (logging, etc).
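Because the other credential sources listed above keep keys out of the logging configuration, a deployment review can check whether an SQSAppender declaration still embeds static credentials and which loggers ship events to the queue. The following is an added example, not part of CAS: the function name audit_sqs_appenders and the sample configuration are constructed for illustration, and a value written entirely as a Log4j2 lookup such as ${env:NAME} is assumed to be acceptable.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample in the shape of the appender declaration above; values are fake.
SAMPLE_CONFIG = """<Configuration>
  <Appenders>
    <SQSAppender name="SQSAppender" region="us-west-1"
                 credentialAccessKey="CONSTRUCTED-ACCESS-KEY-ID"
                 credentialSecretKey="${env:CAS_SQS_SECRET}"
                 queueName="CAS">
      <PatternLayout><Pattern>%5p | %m %n</Pattern></PatternLayout>
    </SQSAppender>
  </Appenders>
  <Loggers>
    <Logger name="org.apereo.cas" level="trace" additivity="false">
      <AppenderRef ref="SQSAppender"/>
    </Logger>
  </Loggers>
</Configuration>"""

CREDENTIAL_ATTRS = ("credentialAccessKey", "credentialSecretKey")
LOOKUP = re.compile(r"^\$\{[^}]+\}$")  # Log4j2 lookup, e.g. ${env:NAME} or ${sys:name}

def local(tag):
    """Strip an XML namespace prefix, if the config declares one."""
    return tag.rsplit("}", 1)[-1]

def audit_sqs_appenders(xml_text):
    """Report each SQSAppender: credential attributes holding literal values,
    and the loggers (with levels) whose events are routed to it."""
    root = ET.fromstring(xml_text)
    findings = []
    for el in root.iter():
        if local(el.tag) != "SQSAppender":
            continue
        name = el.get("name", "")
        literal = [a for a in CREDENTIAL_ATTRS
                   if el.get(a) and not LOOKUP.match(el.get(a).strip())]
        routed = [(lg.get("name", "root"), lg.get("level", ""))
                  for lg in root.iter()
                  if local(lg.tag) in ("Logger", "Root", "AsyncLogger", "AsyncRoot")
                  and any(local(r.tag) == "AppenderRef" and r.get("ref") == name for r in lg)]
        findings.append({"appender": name, "queue": el.get("queueName"),
                         "literal_credentials": literal, "loggers": routed})
    return findings

if __name__ == "__main__":
    for finding in audit_sqs_appenders(SAMPLE_CONFIG):
        print(finding)
```

A non-empty literal_credentials list means the key material is stored in the logging configuration file itself and is readable by anyone who can read that file.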