无法使用cognito访问基于nginx的aws kibana专有网络

llycmphe  于 2021-06-15  发布在  ElasticSearch
关注(0)|答案(0)|浏览(211)

我使用基于专有网络的elasticsearch,对于连接到kibana我使用nginx反向代理。我被跟踪了:https://aws.amazon.com/premiumsupport/knowledge-center/kibana-outside-vpc-nginx-elasticsearch/?nc1=h_ls.
当我尝试访问https://ec2-x-x-x-x.region-x.compute.amazonaws.com (ec2示例包含nginx)。我有一个重定向到https://ec2-x-x-x-x.region-x.compute.amazonaws.com/login?response_type=code&client_id=x... 相反https://auth.website.com/login?response_type=code&client_id=x... (auth.website.com是cognito主机)
我有一个502坏网关。
我的nginx配置:

server {
            listen 443;
            server_name $host;
            rewrite ^/$ https://$host/_plugin/kibana redirect;

            ssl_certificate           /etc/nginx/cert.crt;
            ssl_certificate_key       /etc/nginx/cert.key;

            ssl on;
            ssl_session_cache  builtin:1000  shared:SSL:10m;
            ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
            ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
            ssl_prefer_server_ciphers on;

            location /_plugin/kibana {
                # Forward requests to Kibana
                proxy_pass https://vpc-domain-xxxxx.region.es.amazonaws.com/_plugin/kibana;

                # Handle redirects to Amazon Cognito
                proxy_redirect https://auth.exmample.com https://$host;

                # Update cookie domain and path
                proxy_cookie_domain vpc-domain-xxxxx.region.es.amazonaws.com $host;
                proxy_cookie_path / /_plugin/kibana/;

                # Response buffer settings
                proxy_buffer_size 128k;
                proxy_buffers 4 256k;
                proxy_busy_buffers_size 256k;
            }

            location ~ \/(log|sign|error|fav|forgot|change|saml|oauth2) {
                # Forward requests to Cognito
                proxy_pass https://auth.exmample.com;

                # Handle redirects to Kibana
                proxy_redirect https://vpc-domain-xxxxx.region.es.amazonaws.com https://$host;

                # Update cookie domain
                proxy_cookie_domain auth.exmample.com $host;
            }
        }

谢谢您

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题