/* * SPDX-License-Identifier: Apache-2.0 * * The OpenSearch Contributors require contributions made to * this file be licensed under the Apache-2.0 license or a * compatible open source license. */ /* * Licensed to Elasticsearch under one or more contributor * license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright * ownership. Elasticsearch licenses this file to you under * the Apache License, Version 2.0 (the "License"); you may * not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ /* * Modifications Copyright OpenSearch Contributors. See * GitHub history for details. */ grant { // needed because of problems in ClientConfiguration // TODO: get these fixed in aws sdk permission java.lang.RuntimePermission "accessDeclaredMembers"; // NOTE: no tests fail without this, but we know the problem // exists in AWS sdk, and tests here are not thorough permission java.lang.RuntimePermission "getClassLoader"; // ec2 client opens socket connections for discovery permission java.net.SocketPermission "*", "connect"; permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; permission java.util.PropertyPermission "aws.sharedCredentialsFile", "read,write"; permission java.util.PropertyPermission "aws.configFile", "read,write"; permission java.util.PropertyPermission "aws.region", "read,write"; permission java.util.PropertyPermission "aws.accessKeyId", "read,write"; permission java.util.PropertyPermission "aws.secretAccessKey", "read,write"; permission java.util.PropertyPermission "opensearch.path.conf", "read,write"; permission java.io.FilePermission "config", "read"; };