block-deletes

[TylerPachal]

The Problem

I just accidentally deleted a lot of documents from a remote cluster because I forgot this tunnel was opened 🤦.

The Solution

Add a -block-deletes flag which will block delete requests from being proxied through to the cluster. I am very rarely wanting to connect to a remote cluster to do delete operations, so from now on I will use this library like so:

aws-es-proxy -block-deletes -endpoint http://foobar

The default is still to allow requests unless you opt-out using the new flag.

Risks

1. I am not a heavy ES user so I don't think I've covered all of the possible ways to delete things. From what I saw in the documentation disallowing DELETE requests is a good starting point. I burned myself with the _delete_by_query functionality so I also added that one. It won't do anything to block deletes that are in a _bulk query.

2. I know this isn't strictly related to proxying but I think this would be a nice option to have.

Other

• I tested this locally using go run aws-es-proxy.go -block-deletes -endpoint <my_endpoint> and sent through some DELETE requests and some _delete_by_query requests, all of which were blocked with a log indicating what happened:

$ go run aws-es-proxy.go -block-deletes -endpoint https://myendpoint.amazonaws.com     
INFO[2021-13-07 14:48:29] Listening on 127.0.0.1:9200...               
WARN[2021-13-07 14:48:41] Blocked Delete Request   

[TylerPachal]

Annotation: I re-ran the proxy with -h and I guess this option had not been documented yet either.

[abutaha]

Thanks for submitting this. It's a cool a feature. Let me review it and get it merged the soonest.