otlp-sigv4-client
| Crates.io | otlp-sigv4-client |
| lib.rs | otlp-sigv4-client |
| version | 0.1.0 |
| source | src |
| created_at | 2024-12-08 19:57:43.603858 |
| updated_at | 2024-12-08 19:57:43.603858 |
| description | AWS SigV4 authentication client for OpenTelemetry |
| homepage | https://github.com/dev7a/lambda-otlp-forwarder |
| repository | https://github.com/dev7a/lambda-otlp-forwarder/tree/main/packages/rust/otlp-sigv4-client |
| max_upload_size | |
| id | 1476589 |
| size | 92,992 |
Alessandro Bologna (alessandrobologna)
documentation
README
otlp-sigv4-client
A SigV4-compatible HTTP client wrapper for OpenTelemetry OTLP exporters, enabling AWS authentication for sending telemetry data to the Cloudwatch OLTP endpoint
Features
- AWS SigV4 authentication for OpenTelemetry OTLP exporters
- Support for both reqwest and hyper HTTP clients
- Automatic AWS region detection from environment
- Configurable AWS service name
- Compatible with AWS credentials provider chain
- Implements OpenTelemetry's
HttpClienttrait
Installation
Add this to your Cargo.toml or run cargo add otlp-sigv4-client:
[dependencies]
otlp-sigv4-client = "0.1.0"
Usage
Here's a basic example using the reqwest HTTP client:
use aws_config;
use aws_credential_types::provider::ProvideCredentials;
use opentelemetry_otlp::{HttpExporterBuilder, WithHttpConfig};
use otlp_sigv4_client::SigV4ClientBuilder;
use reqwest::Client as ReqwestClient;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
// Load AWS configuration from the environment
let config = aws_config::load_from_env().await;
let credentials = config
.credentials_provider()
.expect("No credentials provider found")
.provide_credentials()
.await?;
// Create the SigV4 client
let sigv4_client = SigV4ClientBuilder::new()
.with_client(ReqwestClient::new())
.with_credentials(credentials)
.with_service("xray") // AWS X-Ray service name
.build()?;
// Configure and build the OTLP exporter
let exporter = HttpExporterBuilder::default()
.with_http_client(sigv4_client)
.with_endpoint("https://xray.us-east-1.amazonaws.com")
.build_span_exporter()?;
// Use the exporter with your OpenTelemetry pipeline...
Ok(())
}
Configuration
AWS Region
The region is determined in the following order:
- Explicitly set via
with_region() - Environment variable
AWS_REGION - Default value "us-east-1"
AWS Credentials
The client supports any valid AWS credentials source:
- Environment variables (
AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY) - AWS credentials file (
~/.aws/credentials) - IAM roles (EC2 instance role, ECS task role, Lambda function role)
- Other AWS credential sources (SSO, web identity, etc.)
Required IAM Permissions
The client requires the following IAM permissions:
xray:PutTraceSegmentsxray:PutSpansxray:PutSpansForIndexing
HTTP Client
The crate supports both reqwest and hyper HTTP clients through feature flags:
reqwest(default): Use reqwest HTTP clienthyper: Use hyper HTTP client
Examples
Check out the examples directory for more detailed examples:
- SigV4 Authentication: Example showing AWS SigV4 authentication configuration and usage
- More examples coming soon...
AWS Service Compatibility
This client is compatible with AWS services that accept OTLP data and require SigV4 authentication:
- AWS X-Ray
- Amazon Managed Service for Prometheus
- Other AWS services that accept OTLP format
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Acknowledgments
This crate is part of the lambda-otlp-forwarder project.