wu-sheng commented on code in PR #10684: URL: https://github.com/apache/skywalking/pull/10684#discussion_r1167426233
########## docs/en/setup/backend/aws-firehose-receiver.md: ########## @@ -32,5 +32,7 @@ The following blogs demonstrate complete setup process for AWS S3 and API Gatewa ## Notice 1. Only OpenTelemetry format is supported (refer to [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html)) -2. A proxy(e.g. Nginx, Envoy) is required in front of OAP's Firehose receiver to accept HTTPS requests from AWS Firehose through port `443` (refer to [Amazon Kinesis Data Firehose Delivery Stream HTTP Endpoint Delivery Specifications](https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html). +2. According to HTTPS requirement by AWS Firehose(refer to [Amazon Kinesis Data Firehose Delivery Stream HTTP Endpoint Delivery Specifications](https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html), users have two options + - A proxy(e.g. Nginx, Envoy) is required in front of OAP's Firehose receiver to accept HTTPS requests from AWS Firehose through port `443`. (Recommended based on the general security policy) + - Set `aws-firehose/enableTLS=true` and `acceptProxyRequest=true` at OAP side to accept requests from firehose directly. Review Comment: This seems never recommended by us, I think. This configuration is not straight forward, we knew this only we read source codes of America. I don't think users would know. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
