AWS ElasticSearch Service allows you to secure connections to your amazon elasticsearch servers in two ways:
- Restrict by IP
- Sign your request with IAM
Using the restrict by IP option is easy, but it won’t work in places like Heroku, where you don’t have control of the IP address of your app.
So you are left with option #2. However, the `elasticsearch-ruby` gem does not have any way to sign your request using IAM.
To add this functionality, we have to use a Faraday Middleware to inject aws code singing into `elasticsearch-ruby`. There is a gem `faraday_middleware-aws-signers-v4` that handles the code signing, but we have to configure `elasticsearch-ruby` to use it.
Here is how you do it
require the proper gems
gem ‘aws-sdk’,'< 2.0′
gem ‘faraday_middleware’
gem ‘faraday_middleware-aws-signers-v4’
add this to your config/initializers