Ec2 Discovery: Cleanup deprecated settings (#24150)

This commit removes the deprecated cloud.aws.* settings. It also removes
backcompat for specifying `discovery.type: ec2`, and unused aws signer
code which was removed in a previous PR.

docs/reference/migration/migrate_6_0/plugins.asciidoc

@@ -47,6 +47,8 @@ See {plugins}/repository-azure-usage.html#repository-azure-repository-settings[A
 * The region setting has been removed. This includes the settings `cloud.aws.region`
 and `cloud.aws.ec2.region`. Instead, specify the full endpoint.
 
+* All `cloud.aws.*` and `cloud.aws.ec2.*` settings have been removed. Use `discovery.ec2.*` settings instead.
+
 ==== Ignoring hidden folders
 
 Previous versions of Elasticsearch would skip hidden files and directories when

plugins/discovery-ec2/src/main/java/org/elasticsearch/discovery/ec2/AwsEc2Service.java

@@ -38,198 +38,84 @@ import java.util.function.Function;
 interface AwsEc2Service {
     Setting<Boolean> AUTO_ATTRIBUTE_SETTING = Setting.boolSetting("cloud.node.auto_attributes", false, Property.NodeScope);
 
-    // Global AWS settings (shared between discovery-ec2 and repository-s3)
-    // Each setting starting with `cloud.aws` also exists in repository-s3 project. Don't forget to update
-    // the code there if you change anything here.
-    /**
-     * cloud.aws.access_key: AWS Access key. Shared with repository-s3 plugin
-     */
-    Setting<SecureString> KEY_SETTING = new Setting<>("cloud.aws.access_key", "", SecureString::new,
-            Property.NodeScope, Property.Filtered, Property.Shared, Property.Deprecated);
-    /**
-     * cloud.aws.secret_key: AWS Secret key. Shared with repository-s3 plugin
-     */
-    Setting<SecureString> SECRET_SETTING = new Setting<>("cloud.aws.secret_key", "", SecureString::new,
-        Property.NodeScope, Property.Filtered, Property.Shared, Property.Deprecated);
-    /**
-     * cloud.aws.protocol: Protocol for AWS API: http or https. Defaults to https. Shared with repository-s3 plugin
-     */
-    Setting<Protocol> PROTOCOL_SETTING = new Setting<>("cloud.aws.protocol", "https", s -> Protocol.valueOf(s.toUpperCase(Locale.ROOT)),
-        Property.NodeScope, Property.Shared, Property.Deprecated);
-    /**
-     * cloud.aws.proxy.host: In case of proxy, define its hostname/IP. Shared with repository-s3 plugin
-     */
-    Setting<String> PROXY_HOST_SETTING = Setting.simpleString("cloud.aws.proxy.host",
-        Property.NodeScope, Property.Shared, Property.Deprecated);
+    class HostType {
+        public static final String PRIVATE_IP = "private_ip";
+        public static final String PUBLIC_IP = "public_ip";
+        public static final String PRIVATE_DNS = "private_dns";
+        public static final String PUBLIC_DNS = "public_dns";
+        public static final String TAG_PREFIX = "tag:";
+    }
+
+    /** The access key (ie login id) for connecting to ec2. */
+    Setting<SecureString> ACCESS_KEY_SETTING = SecureSetting.secureString("discovery.ec2.access_key", null);
+
+    /** The secret key (ie password) for connecting to ec2. */
+    Setting<SecureString> SECRET_KEY_SETTING = SecureSetting.secureString("discovery.ec2.secret_key", null);
+
+    /** An override for the ec2 endpoint to connect to. */
+    Setting<String> ENDPOINT_SETTING = new Setting<>("discovery.ec2.endpoint", "",
+        s -> s.toLowerCase(Locale.ROOT), Property.NodeScope);
+
+    /** The protocol to use to connect to to ec2. */
+    Setting<Protocol> PROTOCOL_SETTING = new Setting<>("discovery.ec2.protocol", "https",
+        s -> Protocol.valueOf(s.toUpperCase(Locale.ROOT)), Property.NodeScope);
+
+    /** The host name of a proxy to connect to ec2 through. */
+    Setting<String> PROXY_HOST_SETTING = Setting.simpleString("discovery.ec2.proxy.host", Property.NodeScope);
+
+    /** The port of a proxy to connect to ec2 through. */
+    Setting<Integer> PROXY_PORT_SETTING = Setting.intSetting("discovery.ec2.proxy.port", 80, 0, 1<<16, Property.NodeScope);
+
+    /** The username of a proxy to connect to s3 through. */
+    Setting<SecureString> PROXY_USERNAME_SETTING = SecureSetting.secureString("discovery.ec2.proxy.username", null);
+
+    /** The password of a proxy to connect to s3 through. */
+    Setting<SecureString> PROXY_PASSWORD_SETTING =  SecureSetting.secureString("discovery.ec2.proxy.password", null);
+
+    /** The socket timeout for connecting to s3. */
+    Setting<TimeValue> READ_TIMEOUT_SETTING = Setting.timeSetting("discovery.ec2.read_timeout",
+        TimeValue.timeValueMillis(ClientConfiguration.DEFAULT_SOCKET_TIMEOUT), Property.NodeScope);
+
     /**
-     * cloud.aws.proxy.port: In case of proxy, define its port. Defaults to 80. Shared with repository-s3 plugin
+     * discovery.ec2.host_type: The type of host type to use to communicate with other instances.
+     * Can be one of private_ip, public_ip, private_dns, public_dns or tag:XXXX where
+     * XXXX refers to a name of a tag configured for all EC2 instances. Instances which don't
+     * have this tag set will be ignored by the discovery process. Defaults to private_ip.
      */
-    Setting<Integer> PROXY_PORT_SETTING = Setting.intSetting("cloud.aws.proxy.port", 80, 0, 1<<16,
-        Property.NodeScope, Property.Shared, Property.Deprecated);
+    Setting<String> HOST_TYPE_SETTING =
+        new Setting<>("discovery.ec2.host_type", HostType.PRIVATE_IP, Function.identity(), Property.NodeScope);
     /**
-     * cloud.aws.proxy.username: In case of proxy with auth, define the username. Shared with repository-s3 plugin
+     * discovery.ec2.any_group: If set to false, will require all security groups to be present for the instance to be used for the
+     * discovery. Defaults to true.
      */
-    Setting<SecureString> PROXY_USERNAME_SETTING = new Setting<>("cloud.aws.proxy.username", "", SecureString::new,
-        Property.NodeScope, Property.Filtered, Property.Shared, Property.Deprecated);
+    Setting<Boolean> ANY_GROUP_SETTING =
+        Setting.boolSetting("discovery.ec2.any_group", true, Property.NodeScope);
     /**
-     * cloud.aws.proxy.password: In case of proxy with auth, define the password. Shared with repository-s3 plugin
+     * discovery.ec2.groups: Either a comma separated list or array based list of (security) groups. Only instances with the provided
+     * security groups will be used in the cluster discovery. (NOTE: You could provide either group NAME or group ID.)
      */
-    Setting<SecureString> PROXY_PASSWORD_SETTING = new Setting<>("cloud.aws.proxy.password", "", SecureString::new,
-        Property.NodeScope, Property.Filtered, Property.Shared, Property.Deprecated);
+    Setting<List<String>> GROUPS_SETTING =
+        Setting.listSetting("discovery.ec2.groups", new ArrayList<>(), s -> s.toString(), Property.NodeScope);
     /**
-     * cloud.aws.read_timeout: Socket read timeout. Shared with repository-s3 plugin
+     * discovery.ec2.availability_zones: Either a comma separated list or array based list of availability zones. Only instances within
+     * the provided availability zones will be used in the cluster discovery.
      */
-    Setting<TimeValue> READ_TIMEOUT = Setting.timeSetting("cloud.aws.read_timeout",
-        TimeValue.timeValueMillis(ClientConfiguration.DEFAULT_SOCKET_TIMEOUT), Property.NodeScope, Property.Shared, Property.Deprecated);
-
+    Setting<List<String>> AVAILABILITY_ZONES_SETTING =
+        Setting.listSetting("discovery.ec2.availability_zones", Collections.emptyList(), s -> s.toString(),
+            Property.NodeScope);
     /**
-     * Defines specific ec2 settings starting with cloud.aws.ec2.
+     * discovery.ec2.node_cache_time: How long the list of hosts is cached to prevent further requests to the AWS API. Defaults to 10s.
      */
-    interface CLOUD_EC2 {
-        /**
-         * cloud.aws.ec2.access_key: AWS Access key specific for EC2 API calls. Defaults to cloud.aws.access_key.
-         * @see AwsEc2Service#KEY_SETTING
-         */
-        Setting<SecureString> KEY_SETTING = new Setting<>("cloud.aws.ec2.access_key", AwsEc2Service.KEY_SETTING,
-            SecureString::new, Property.NodeScope, Property.Filtered, Property.Deprecated);
-
-        /**
-         * cloud.aws.ec2.secret_key: AWS Secret key specific for EC2 API calls. Defaults to cloud.aws.secret_key.
-         * @see AwsEc2Service#SECRET_SETTING
-         */
-        Setting<SecureString> SECRET_SETTING = new Setting<>("cloud.aws.ec2.secret_key", AwsEc2Service.SECRET_SETTING,
-            SecureString::new, Property.NodeScope, Property.Filtered, Property.Deprecated);
-        /**
-         * cloud.aws.ec2.protocol: Protocol for AWS API specific for EC2 API calls: http or https.  Defaults to cloud.aws.protocol.
-         * @see AwsEc2Service#PROTOCOL_SETTING
-         */
-        Setting<Protocol> PROTOCOL_SETTING = new Setting<>("cloud.aws.ec2.protocol", AwsEc2Service.PROTOCOL_SETTING,
-            s -> Protocol.valueOf(s.toUpperCase(Locale.ROOT)), Property.NodeScope, Property.Deprecated);
-        /**
-         * cloud.aws.ec2.proxy.host: In case of proxy, define its hostname/IP specific for EC2 API calls. Defaults to cloud.aws.proxy.host.
-         * @see AwsEc2Service#PROXY_HOST_SETTING
-         */
-        Setting<String> PROXY_HOST_SETTING = new Setting<>("cloud.aws.ec2.proxy.host", AwsEc2Service.PROXY_HOST_SETTING,
-            Function.identity(), Property.NodeScope, Property.Deprecated);
-        /**
-         * cloud.aws.ec2.proxy.port: In case of proxy, define its port specific for EC2 API calls.  Defaults to cloud.aws.proxy.port.
-         * @see AwsEc2Service#PROXY_PORT_SETTING
-         */
-        Setting<Integer> PROXY_PORT_SETTING = new Setting<>("cloud.aws.ec2.proxy.port", AwsEc2Service.PROXY_PORT_SETTING,
-            s -> Setting.parseInt(s, 0, 1<<16, "cloud.aws.ec2.proxy.port"), Property.NodeScope, Property.Deprecated);
-        /**
-         * cloud.aws.ec2.proxy.username: In case of proxy with auth, define the username specific for EC2 API calls.
-         * Defaults to cloud.aws.proxy.username.
-         * @see AwsEc2Service#PROXY_USERNAME_SETTING
-         */
-        Setting<SecureString> PROXY_USERNAME_SETTING = new Setting<>("cloud.aws.ec2.proxy.username", AwsEc2Service.PROXY_USERNAME_SETTING,
-            SecureString::new, Property.NodeScope, Property.Filtered, Property.Deprecated);
-        /**
-         * cloud.aws.ec2.proxy.password: In case of proxy with auth, define the password specific for EC2 API calls.
-         * Defaults to cloud.aws.proxy.password.
-         * @see AwsEc2Service#PROXY_PASSWORD_SETTING
-         */
-        Setting<SecureString> PROXY_PASSWORD_SETTING = new Setting<>("cloud.aws.ec2.proxy.password", AwsEc2Service.PROXY_PASSWORD_SETTING,
-            SecureString::new, Property.NodeScope, Property.Filtered, Property.Deprecated);
-        /**
-         * cloud.aws.ec2.endpoint: Endpoint. If not set, endpoint will be guessed based on region setting.
-         */
-        Setting<String> ENDPOINT_SETTING = Setting.simpleString("cloud.aws.ec2.endpoint", Property.NodeScope, Property.Deprecated);
-        /**
-         * cloud.aws.ec2.read_timeout: Socket read timeout. Defaults to cloud.aws.read_timeout
-         * @see AwsEc2Service#READ_TIMEOUT
-         */
-        Setting<TimeValue> READ_TIMEOUT =
-            Setting.timeSetting("cloud.aws.ec2.read_timeout", AwsEc2Service.READ_TIMEOUT, Property.NodeScope, Property.Deprecated);
-    }
+    Setting<TimeValue> NODE_CACHE_TIME_SETTING =
+        Setting.timeSetting("discovery.ec2.node_cache_time", TimeValue.timeValueSeconds(10), Property.NodeScope);
 
     /**
-     * Defines discovery settings for ec2. Starting with discovery.ec2.
+     * discovery.ec2.tag.*: The ec2 discovery can filter machines to include in the cluster based on tags (and not just groups).
+     * The settings to use include the discovery.ec2.tag. prefix. For example, setting discovery.ec2.tag.stage to dev will only filter
+     * instances with a tag key set to stage, and a value of dev. Several tags set will require all of those tags to be set for the
+     * instance to be included.
      */
-    interface DISCOVERY_EC2 {
-        class HostType {
-            public static final String PRIVATE_IP = "private_ip";
-            public static final String PUBLIC_IP = "public_ip";
-            public static final String PRIVATE_DNS = "private_dns";
-            public static final String PUBLIC_DNS = "public_dns";
-            public static final String TAG_PREFIX = "tag:";
-        }
-
-        /** The access key (ie login id) for connecting to ec2. */
-        Setting<SecureString> ACCESS_KEY_SETTING = SecureSetting.secureString("discovery.ec2.access_key", CLOUD_EC2.KEY_SETTING);
-
-        /** The secret key (ie password) for connecting to ec2. */
-        Setting<SecureString> SECRET_KEY_SETTING = SecureSetting.secureString("discovery.ec2.secret_key", CLOUD_EC2.SECRET_SETTING);
-
-        /** An override for the ec2 endpoint to connect to. */
-        Setting<String> ENDPOINT_SETTING = new Setting<>("discovery.ec2.endpoint", CLOUD_EC2.ENDPOINT_SETTING,
-            s -> s.toLowerCase(Locale.ROOT), Setting.Property.NodeScope);
-
-        /** The protocol to use to connect to to ec2. */
-        Setting<Protocol> PROTOCOL_SETTING = new Setting<>("discovery.ec2.protocol", CLOUD_EC2.PROTOCOL_SETTING,
-            s -> Protocol.valueOf(s.toUpperCase(Locale.ROOT)), Setting.Property.NodeScope);
-
-        /** The host name of a proxy to connect to ec2 through. */
-        Setting<String> PROXY_HOST_SETTING = new Setting<>("discovery.ec2.proxy.host", CLOUD_EC2.PROXY_HOST_SETTING,
-            Function.identity(), Setting.Property.NodeScope);
-
-        /** The port of a proxy to connect to ec2 through. */
-        Setting<Integer> PROXY_PORT_SETTING = Setting.intSetting("discovery.ec2.proxy.port", CLOUD_EC2.PROXY_PORT_SETTING,
-            0, Setting.Property.NodeScope);
-
-        /** The username of a proxy to connect to s3 through. */
-        Setting<SecureString> PROXY_USERNAME_SETTING = SecureSetting.secureString("discovery.ec2.proxy.username",
-            CLOUD_EC2.PROXY_USERNAME_SETTING);
-
-        /** The password of a proxy to connect to s3 through. */
-        Setting<SecureString> PROXY_PASSWORD_SETTING =  SecureSetting.secureString("discovery.ec2.proxy.password",
-            CLOUD_EC2.PROXY_PASSWORD_SETTING);
-
-        /** The socket timeout for connecting to s3. */
-        Setting<TimeValue> READ_TIMEOUT_SETTING = Setting.timeSetting("discovery.ec2.read_timeout",
-            CLOUD_EC2.READ_TIMEOUT, Setting.Property.NodeScope);
-
-        /**
-         * discovery.ec2.host_type: The type of host type to use to communicate with other instances.
-         * Can be one of private_ip, public_ip, private_dns, public_dns or tag:XXXX where
-         * XXXX refers to a name of a tag configured for all EC2 instances. Instances which don't
-         * have this tag set will be ignored by the discovery process. Defaults to private_ip.
-         */
-        Setting<String> HOST_TYPE_SETTING =
-            new Setting<>("discovery.ec2.host_type", HostType.PRIVATE_IP, Function.identity(), Property.NodeScope);
-        /**
-         * discovery.ec2.any_group: If set to false, will require all security groups to be present for the instance to be used for the
-         * discovery. Defaults to true.
-         */
-        Setting<Boolean> ANY_GROUP_SETTING =
-            Setting.boolSetting("discovery.ec2.any_group", true, Property.NodeScope);
-        /**
-         * discovery.ec2.groups: Either a comma separated list or array based list of (security) groups. Only instances with the provided
-         * security groups will be used in the cluster discovery. (NOTE: You could provide either group NAME or group ID.)
-         */
-        Setting<List<String>> GROUPS_SETTING =
-            Setting.listSetting("discovery.ec2.groups", new ArrayList<>(), s -> s.toString(), Property.NodeScope);
-        /**
-         * discovery.ec2.availability_zones: Either a comma separated list or array based list of availability zones. Only instances within
-         * the provided availability zones will be used in the cluster discovery.
-         */
-        Setting<List<String>> AVAILABILITY_ZONES_SETTING =
-            Setting.listSetting("discovery.ec2.availability_zones", Collections.emptyList(), s -> s.toString(),
-                Property.NodeScope);
-        /**
-         * discovery.ec2.node_cache_time: How long the list of hosts is cached to prevent further requests to the AWS API. Defaults to 10s.
-         */
-        Setting<TimeValue> NODE_CACHE_TIME_SETTING =
-            Setting.timeSetting("discovery.ec2.node_cache_time", TimeValue.timeValueSeconds(10), Property.NodeScope);
-
-        /**
-         * discovery.ec2.tag.*: The ec2 discovery can filter machines to include in the cluster based on tags (and not just groups).
-         * The settings to use include the discovery.ec2.tag. prefix. For example, setting discovery.ec2.tag.stage to dev will only filter
-         * instances with a tag key set to stage, and a value of dev. Several tags set will require all of those tags to be set for the
-         * instance to be included.
-         */
-        Setting<Settings> TAG_SETTING = Setting.groupSetting("discovery.ec2.tag.", Property.NodeScope);
-    }
+    Setting<Settings> TAG_SETTING = Setting.groupSetting("discovery.ec2.tag.", Property.NodeScope);
 
     AmazonEC2 client();
 }

plugins/discovery-ec2/src/main/java/org/elasticsearch/discovery/ec2/AwsEc2ServiceImpl.java

@@ -69,8 +69,8 @@ class AwsEc2ServiceImpl extends AbstractComponent implements AwsEc2Service, Clos
     protected static AWSCredentialsProvider buildCredentials(Logger logger, Settings settings) {
         AWSCredentialsProvider credentials;
 
-        try (SecureString key = DISCOVERY_EC2.ACCESS_KEY_SETTING.get(settings);
-             SecureString secret = DISCOVERY_EC2.SECRET_KEY_SETTING.get(settings)) {
+        try (SecureString key = ACCESS_KEY_SETTING.get(settings);
+             SecureString secret = SECRET_KEY_SETTING.get(settings)) {
             if (key.length() == 0 && secret.length() == 0) {
                 logger.debug("Using either environment variables, system properties or instance profile credentials");
                 credentials = new DefaultAWSCredentialsProviderChain();
@@ -88,13 +88,13 @@ class AwsEc2ServiceImpl extends AbstractComponent implements AwsEc2Service, Clos
         // the response metadata cache is only there for diagnostics purposes,
         // but can force objects from every response to the old generation.
         clientConfiguration.setResponseMetadataCacheSize(0);
-        clientConfiguration.setProtocol(DISCOVERY_EC2.PROTOCOL_SETTING.get(settings));
+        clientConfiguration.setProtocol(PROTOCOL_SETTING.get(settings));
 
-        if (PROXY_HOST_SETTING.exists(settings) || DISCOVERY_EC2.PROXY_HOST_SETTING.exists(settings)) {
-            String proxyHost = DISCOVERY_EC2.PROXY_HOST_SETTING.get(settings);
-            Integer proxyPort = DISCOVERY_EC2.PROXY_PORT_SETTING.get(settings);
-            try (SecureString proxyUsername = DISCOVERY_EC2.PROXY_USERNAME_SETTING.get(settings);
-                 SecureString proxyPassword = DISCOVERY_EC2.PROXY_PASSWORD_SETTING.get(settings)) {
+        if (PROXY_HOST_SETTING.exists(settings)) {
+            String proxyHost = PROXY_HOST_SETTING.get(settings);
+            Integer proxyPort = PROXY_PORT_SETTING.get(settings);
+            try (SecureString proxyUsername = PROXY_USERNAME_SETTING.get(settings);
+                 SecureString proxyPassword = PROXY_PASSWORD_SETTING.get(settings)) {
 
                 clientConfiguration
                     .withProxyHost(proxyHost)
@@ -121,15 +121,15 @@ class AwsEc2ServiceImpl extends AbstractComponent implements AwsEc2Service, Clos
             10,
             false);
         clientConfiguration.setRetryPolicy(retryPolicy);
-        clientConfiguration.setSocketTimeout((int) DISCOVERY_EC2.READ_TIMEOUT_SETTING.get(settings).millis());
+        clientConfiguration.setSocketTimeout((int) READ_TIMEOUT_SETTING.get(settings).millis());
 
         return clientConfiguration;
     }
 
     protected static String findEndpoint(Logger logger, Settings settings) {
         String endpoint = null;
-        if (DISCOVERY_EC2.ENDPOINT_SETTING.exists(settings) || CLOUD_EC2.ENDPOINT_SETTING.exists(settings)) {
-            endpoint = DISCOVERY_EC2.ENDPOINT_SETTING.get(settings);
+        if (ENDPOINT_SETTING.exists(settings)) {
+            endpoint = ENDPOINT_SETTING.get(settings);
             logger.debug("using explicit ec2 endpoint [{}]", endpoint);
         }
         return endpoint;

plugins/discovery-ec2/src/main/java/org/elasticsearch/discovery/ec2/AwsEc2UnicastHostsProvider.java

@@ -31,7 +31,6 @@ import com.amazonaws.services.ec2.model.Tag;
 import org.apache.logging.log4j.message.ParameterizedMessage;
 import org.apache.logging.log4j.util.Supplier;
 import org.elasticsearch.Version;
-import org.elasticsearch.discovery.ec2.AwsEc2Service.DISCOVERY_EC2;
 import org.elasticsearch.cluster.node.DiscoveryNode;
 import org.elasticsearch.common.component.AbstractComponent;
 import org.elasticsearch.common.settings.Settings;
@@ -50,11 +49,11 @@ import java.util.Set;
 import static java.util.Collections.disjoint;
 import static java.util.Collections.emptyMap;
 import static java.util.Collections.emptySet;
-import static org.elasticsearch.discovery.ec2.AwsEc2Service.DISCOVERY_EC2.HostType.TAG_PREFIX;
-import static org.elasticsearch.discovery.ec2.AwsEc2Service.DISCOVERY_EC2.HostType.PRIVATE_DNS;
-import static org.elasticsearch.discovery.ec2.AwsEc2Service.DISCOVERY_EC2.HostType.PRIVATE_IP;
-import static org.elasticsearch.discovery.ec2.AwsEc2Service.DISCOVERY_EC2.HostType.PUBLIC_DNS;
-import static org.elasticsearch.discovery.ec2.AwsEc2Service.DISCOVERY_EC2.HostType.PUBLIC_IP;
+import static org.elasticsearch.discovery.ec2.AwsEc2Service.HostType.TAG_PREFIX;
+import static org.elasticsearch.discovery.ec2.AwsEc2Service.HostType.PRIVATE_DNS;
+import static org.elasticsearch.discovery.ec2.AwsEc2Service.HostType.PRIVATE_IP;
+import static org.elasticsearch.discovery.ec2.AwsEc2Service.HostType.PUBLIC_DNS;
+import static org.elasticsearch.discovery.ec2.AwsEc2Service.HostType.PUBLIC_IP;
 
 class AwsEc2UnicastHostsProvider extends AbstractComponent implements UnicastHostsProvider {
 
@@ -79,17 +78,17 @@ class AwsEc2UnicastHostsProvider extends AbstractComponent implements UnicastHos
         this.transportService = transportService;
         this.client = awsEc2Service.client();
 
-        this.hostType = DISCOVERY_EC2.HOST_TYPE_SETTING.get(settings);
-        this.discoNodes = new DiscoNodesCache(DISCOVERY_EC2.NODE_CACHE_TIME_SETTING.get(settings));
+        this.hostType = AwsEc2Service.HOST_TYPE_SETTING.get(settings);
+        this.discoNodes = new DiscoNodesCache(AwsEc2Service.NODE_CACHE_TIME_SETTING.get(settings));
 
-        this.bindAnyGroup = DISCOVERY_EC2.ANY_GROUP_SETTING.get(settings);
+        this.bindAnyGroup = AwsEc2Service.ANY_GROUP_SETTING.get(settings);
         this.groups = new HashSet<>();
-        this.groups.addAll(DISCOVERY_EC2.GROUPS_SETTING.get(settings));
+        this.groups.addAll(AwsEc2Service.GROUPS_SETTING.get(settings));
 
-        this.tags = DISCOVERY_EC2.TAG_SETTING.get(settings).getAsMap();
+        this.tags = AwsEc2Service.TAG_SETTING.get(settings).getAsMap();
 
         this.availabilityZones = new HashSet<>();
-        availabilityZones.addAll(DISCOVERY_EC2.AVAILABILITY_ZONES_SETTING.get(settings));
+        availabilityZones.addAll(AwsEc2Service.AVAILABILITY_ZONES_SETTING.get(settings));
 
         if (logger.isDebugEnabled()) {
             logger.debug("using host_type [{}], tags [{}], groups [{}] with any_group [{}], availability_zones [{}]", hostType, tags,

plugins/discovery-ec2/src/main/java/org/elasticsearch/discovery/ec2/AwsSigner.java

@@ -1,63 +0,0 @@
-/*
- * Licensed to Elasticsearch under one or more contributor
- * license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright
- * ownership. Elasticsearch licenses this file to you under
- * the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.elasticsearch.discovery.ec2;
-
-import com.amazonaws.ClientConfiguration;
-import com.amazonaws.auth.SignerFactory;
-import org.apache.logging.log4j.Logger;
-import org.elasticsearch.common.logging.Loggers;
-
-class AwsSigner {
-
-    private static final Logger logger = Loggers.getLogger(AwsSigner.class);
-
-    private AwsSigner() {
-
-    }
-
-    protected static void validateSignerType(String signer) throws IllegalArgumentException {
-        if (signer == null) {
-            throw new IllegalArgumentException("[null] signer set");
-        }
-
-        try {
-            // We check this signer actually exists in AWS SDK
-            // It throws a IllegalArgumentException if not found
-            SignerFactory.getSignerByTypeAndService(signer, null);
-        } catch (IllegalArgumentException e) {
-            throw new IllegalArgumentException("wrong signer set [" + signer + "]");
-        }
-    }
-
-    /**
-     * Add a AWS API Signer.
-     * @param signer Signer to use
-     * @param configuration AWS Client configuration
-     */
-    public static void configureSigner(String signer, ClientConfiguration configuration) {
-        try {
-            validateSignerType(signer);
-        } catch (IllegalArgumentException e) {
-            logger.warn("{}", e.getMessage());
-        }
-
-        configuration.setSignerOverride(signer);
-    }
-}

plugins/discovery-ec2/src/main/java/org/elasticsearch/discovery/ec2/Ec2DiscoveryPlugin.java

@@ -119,41 +119,22 @@ public class Ec2DiscoveryPlugin extends Plugin implements DiscoveryPlugin, Close
     @Override
     public List<Setting<?>> getSettings() {
         return Arrays.asList(
-        // Register global cloud aws settings: cloud.aws (might have been registered in ec2 plugin)
-        AwsEc2Service.KEY_SETTING,
-        AwsEc2Service.SECRET_SETTING,
+        // Register EC2 discovery settings: discovery.ec2
+        AwsEc2Service.ACCESS_KEY_SETTING,
+        AwsEc2Service.SECRET_KEY_SETTING,
+        AwsEc2Service.ENDPOINT_SETTING,
         AwsEc2Service.PROTOCOL_SETTING,
         AwsEc2Service.PROXY_HOST_SETTING,
         AwsEc2Service.PROXY_PORT_SETTING,
         AwsEc2Service.PROXY_USERNAME_SETTING,
         AwsEc2Service.PROXY_PASSWORD_SETTING,
-        AwsEc2Service.READ_TIMEOUT,
-        // Register EC2 specific settings: cloud.aws.ec2
-        AwsEc2Service.CLOUD_EC2.KEY_SETTING,
-        AwsEc2Service.CLOUD_EC2.SECRET_SETTING,
-        AwsEc2Service.CLOUD_EC2.PROTOCOL_SETTING,
-        AwsEc2Service.CLOUD_EC2.PROXY_HOST_SETTING,
-        AwsEc2Service.CLOUD_EC2.PROXY_PORT_SETTING,
-        AwsEc2Service.CLOUD_EC2.PROXY_USERNAME_SETTING,
-        AwsEc2Service.CLOUD_EC2.PROXY_PASSWORD_SETTING,
-        AwsEc2Service.CLOUD_EC2.ENDPOINT_SETTING,
-        AwsEc2Service.CLOUD_EC2.READ_TIMEOUT,
-        // Register EC2 discovery settings: discovery.ec2
-        AwsEc2Service.DISCOVERY_EC2.ACCESS_KEY_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.SECRET_KEY_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.ENDPOINT_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.PROTOCOL_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.PROXY_HOST_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.PROXY_PORT_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.PROXY_USERNAME_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.PROXY_PASSWORD_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.READ_TIMEOUT_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.HOST_TYPE_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.ANY_GROUP_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.GROUPS_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.AVAILABILITY_ZONES_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.NODE_CACHE_TIME_SETTING,
-        AwsEc2Service.DISCOVERY_EC2.TAG_SETTING,
+        AwsEc2Service.READ_TIMEOUT_SETTING,
+        AwsEc2Service.HOST_TYPE_SETTING,
+        AwsEc2Service.ANY_GROUP_SETTING,
+        AwsEc2Service.GROUPS_SETTING,
+        AwsEc2Service.AVAILABILITY_ZONES_SETTING,
+        AwsEc2Service.NODE_CACHE_TIME_SETTING,
+        AwsEc2Service.TAG_SETTING,
         // Register cloud node settings: cloud.node
         AwsEc2Service.AUTO_ATTRIBUTE_SETTING);
     }
@@ -161,17 +142,6 @@ public class Ec2DiscoveryPlugin extends Plugin implements DiscoveryPlugin, Close
     @Override
     public Settings additionalSettings() {
         Settings.Builder builder = Settings.builder();
-        // For 5.0, discovery.type was used prior to the new discovery.zen.hosts_provider
-        // setting existed. This check looks for the legacy setting, and sets hosts provider if set
-        String discoveryType = DiscoveryModule.DISCOVERY_TYPE_SETTING.get(settings);
-        if (discoveryType.equals(EC2)) {
-            deprecationLogger.deprecated("using [" + DiscoveryModule.DISCOVERY_TYPE_SETTING.getKey() +
-                "] setting to set hosts provider is deprecated; " +
-                "set [" + DiscoveryModule.DISCOVERY_HOSTS_PROVIDER_SETTING.getKey() + ": " + EC2 + "] instead");
-            if (DiscoveryModule.DISCOVERY_HOSTS_PROVIDER_SETTING.exists(settings) == false) {
-                builder.put(DiscoveryModule.DISCOVERY_HOSTS_PROVIDER_SETTING.getKey(), EC2).build();
-            }
-        }
 
         // Adds a node attribute for the ec2 availability zone
         String azMetadataUrl = AwsEc2ServiceImpl.EC2_METADATA_URL + "placement/availability-zone";

plugins/discovery-ec2/src/test/java/org/elasticsearch/discovery/ec2/AWSSignersTests.java

@@ -1,73 +0,0 @@
-/*
- * Licensed to Elasticsearch under one or more contributor
- * license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright
- * ownership. Elasticsearch licenses this file to you under
- * the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.elasticsearch.discovery.ec2;
-
-import com.amazonaws.ClientConfiguration;
-import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.discovery.ec2.AwsSigner;
-import org.elasticsearch.discovery.ec2.Ec2DiscoveryPlugin;
-import org.elasticsearch.test.ESTestCase;
-import org.junit.BeforeClass;
-
-import static org.hamcrest.CoreMatchers.is;
-
-public class AWSSignersTests extends ESTestCase {
-
-    /**
-     * Starts Ec2DiscoveryPlugin. It's a workaround when you run test from IntelliJ. Otherwise it generates
-     * java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessDeclaredMembers")
-     */
-    @BeforeClass
-    public static void instantiatePlugin() {
-        new Ec2DiscoveryPlugin(Settings.EMPTY);
-    }
-
-    public void testSigners() {
-        assertThat(signerTester(null), is(false));
-        assertThat(signerTester("QueryStringSignerType"), is(true));
-        assertThat(signerTester("AWS3SignerType"), is(true));
-        assertThat(signerTester("AWS4SignerType"), is(true));
-        assertThat(signerTester("NoOpSignerType"), is(true));
-        assertThat(signerTester("UndefinedSigner"), is(false));
-
-        assertThat(signerTester("S3SignerType"), is(false));
-        assertThat(signerTester("AWSS3V4SignerType"), is(false));
-
-        ClientConfiguration configuration = new ClientConfiguration();
-        AwsSigner.configureSigner("AWS4SignerType", configuration);
-        assertEquals(configuration.getSignerOverride(), "AWS4SignerType");
-        AwsSigner.configureSigner("AWS3SignerType", configuration);
-        assertEquals(configuration.getSignerOverride(), "AWS3SignerType");
-    }
-
-    /**
-     * Test a signer configuration
-     * @param signer signer name
-     * @return true if successful, false otherwise
-     */
-    private boolean signerTester(String signer) {
-        try {
-            AwsSigner.validateSignerType(signer);
-            return true;
-        } catch (IllegalArgumentException e) {
-            return false;
-        }
-    }
-}

plugins/discovery-ec2/src/test/java/org/elasticsearch/discovery/ec2/AwsEc2ServiceImplTests.java

@@ -51,46 +51,6 @@ public class AwsEc2ServiceImplTests extends ESTestCase {
         launchAWSCredentialsWithElasticsearchSettingsTest(settings, "aws_key", "aws_secret");
     }
 
-    public void testAWSCredentialsWithElasticsearchAwsSettingsBackcompat() {
-        Settings settings = Settings.builder()
-            .put(AwsEc2Service.KEY_SETTING.getKey(), "aws_key")
-            .put(AwsEc2Service.SECRET_SETTING.getKey(), "aws_secret")
-            .build();
-        launchAWSCredentialsWithElasticsearchSettingsTest(settings, "aws_key", "aws_secret");
-        assertSettingDeprecationsAndWarnings(new Setting<?>[] {
-            AwsEc2Service.KEY_SETTING,
-            AwsEc2Service.SECRET_SETTING
-        });
-    }
-
-    public void testAWSCredentialsWithElasticsearchEc2SettingsBackcompat() {
-        Settings settings = Settings.builder()
-            .put(AwsEc2Service.CLOUD_EC2.KEY_SETTING.getKey(), "ec2_key")
-            .put(AwsEc2Service.CLOUD_EC2.SECRET_SETTING.getKey(), "ec2_secret")
-            .build();
-        launchAWSCredentialsWithElasticsearchSettingsTest(settings, "ec2_key", "ec2_secret");
-        assertSettingDeprecationsAndWarnings(new Setting<?>[] {
-            AwsEc2Service.CLOUD_EC2.KEY_SETTING,
-            AwsEc2Service.CLOUD_EC2.SECRET_SETTING
-        });
-    }
-
-    public void testAWSCredentialsWithElasticsearchAwsAndEc2Settings() {
-        Settings settings = Settings.builder()
-            .put(AwsEc2Service.KEY_SETTING.getKey(), "aws_key")
-            .put(AwsEc2Service.SECRET_SETTING.getKey(), "aws_secret")
-            .put(AwsEc2Service.CLOUD_EC2.KEY_SETTING.getKey(), "ec2_key")
-            .put(AwsEc2Service.CLOUD_EC2.SECRET_SETTING.getKey(), "ec2_secret")
-            .build();
-        launchAWSCredentialsWithElasticsearchSettingsTest(settings, "ec2_key", "ec2_secret");
-        assertSettingDeprecationsAndWarnings(new Setting<?>[] {
-            AwsEc2Service.KEY_SETTING,
-            AwsEc2Service.SECRET_SETTING,
-            AwsEc2Service.CLOUD_EC2.KEY_SETTING,
-            AwsEc2Service.CLOUD_EC2.SECRET_SETTING
-        });
-    }
-
     protected void launchAWSCredentialsWithElasticsearchSettingsTest(Settings settings, String expectedKey, String expectedSecret) {
         AWSCredentials credentials = AwsEc2ServiceImpl.buildCredentials(logger, settings).getCredentials();
         assertThat(credentials.getAWSAccessKeyId(), is(expectedKey));
@@ -116,59 +76,6 @@ public class AwsEc2ServiceImplTests extends ESTestCase {
         launchAWSConfigurationTest(settings, Protocol.HTTP, "aws_proxy_host", 8080, "aws_proxy_username", "aws_proxy_password", 10000);
     }
 
-    public void testAWSConfigurationWithAwsSettingsBackcompat() {
-        Settings settings = Settings.builder()
-            .put(AwsEc2Service.PROTOCOL_SETTING.getKey(), "http")
-            .put(AwsEc2Service.PROXY_HOST_SETTING.getKey(), "aws_proxy_host")
-            .put(AwsEc2Service.PROXY_PORT_SETTING.getKey(), 8080)
-            .put(AwsEc2Service.PROXY_USERNAME_SETTING.getKey(), "aws_proxy_username")
-            .put(AwsEc2Service.PROXY_PASSWORD_SETTING.getKey(), "aws_proxy_password")
-            .put(AwsEc2Service.READ_TIMEOUT.getKey(), "10s")
-            .build();
-        launchAWSConfigurationTest(settings, Protocol.HTTP, "aws_proxy_host", 8080, "aws_proxy_username", "aws_proxy_password",
-            10000);
-        assertSettingDeprecationsAndWarnings(new Setting<?>[] {
-            AwsEc2Service.PROTOCOL_SETTING,
-            AwsEc2Service.PROXY_HOST_SETTING,
-            AwsEc2Service.PROXY_PORT_SETTING,
-            AwsEc2Service.PROXY_USERNAME_SETTING,
-            AwsEc2Service.PROXY_PASSWORD_SETTING,
-            AwsEc2Service.READ_TIMEOUT
-        });
-    }
-
-    public void testAWSConfigurationWithAwsAndEc2Settings() {
-        Settings settings = Settings.builder()
-            .put(AwsEc2Service.PROTOCOL_SETTING.getKey(), "http")
-            .put(AwsEc2Service.PROXY_HOST_SETTING.getKey(), "aws_proxy_host")
-            .put(AwsEc2Service.PROXY_PORT_SETTING.getKey(), 8080)
-            .put(AwsEc2Service.PROXY_USERNAME_SETTING.getKey(), "aws_proxy_username")
-            .put(AwsEc2Service.PROXY_PASSWORD_SETTING.getKey(), "aws_proxy_password")
-            .put(AwsEc2Service.READ_TIMEOUT.getKey(), "20s")
-            .put(AwsEc2Service.CLOUD_EC2.PROTOCOL_SETTING.getKey(), "https")
-            .put(AwsEc2Service.CLOUD_EC2.PROXY_HOST_SETTING.getKey(), "ec2_proxy_host")
-            .put(AwsEc2Service.CLOUD_EC2.PROXY_PORT_SETTING.getKey(), 8081)
-            .put(AwsEc2Service.CLOUD_EC2.PROXY_USERNAME_SETTING.getKey(), "ec2_proxy_username")
-            .put(AwsEc2Service.CLOUD_EC2.PROXY_PASSWORD_SETTING.getKey(), "ec2_proxy_password")
-            .put(AwsEc2Service.CLOUD_EC2.READ_TIMEOUT.getKey(), "10s")
-            .build();
-        launchAWSConfigurationTest(settings, Protocol.HTTPS, "ec2_proxy_host", 8081, "ec2_proxy_username", "ec2_proxy_password", 10000);
-        assertSettingDeprecationsAndWarnings(new Setting<?>[] {
-            AwsEc2Service.PROTOCOL_SETTING,
-            AwsEc2Service.PROXY_HOST_SETTING,
-            AwsEc2Service.PROXY_PORT_SETTING,
-            AwsEc2Service.PROXY_USERNAME_SETTING,
-            AwsEc2Service.PROXY_PASSWORD_SETTING,
-            AwsEc2Service.READ_TIMEOUT,
-            AwsEc2Service.CLOUD_EC2.PROTOCOL_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROXY_HOST_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROXY_PORT_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROXY_USERNAME_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROXY_PASSWORD_SETTING,
-            AwsEc2Service.CLOUD_EC2.READ_TIMEOUT
-        });
-    }
-
     protected void launchAWSConfigurationTest(Settings settings,
                                               Protocol expectedProtocol,
                                               String expectedProxyHost,
@@ -194,20 +101,9 @@ public class AwsEc2ServiceImplTests extends ESTestCase {
 
     public void testSpecificEndpoint() {
         Settings settings = Settings.builder()
-            .put(AwsEc2Service.DISCOVERY_EC2.ENDPOINT_SETTING.getKey(), "ec2.endpoint")
-            .build();
-        String endpoint = AwsEc2ServiceImpl.findEndpoint(logger, settings);
-        assertThat(endpoint, is("ec2.endpoint"));
-    }
-
-    public void testSpecificEndpointBackcompat() {
-        Settings settings = Settings.builder()
-            .put(AwsEc2Service.CLOUD_EC2.ENDPOINT_SETTING.getKey(), "ec2.endpoint")
+            .put(AwsEc2Service.ENDPOINT_SETTING.getKey(), "ec2.endpoint")
             .build();
         String endpoint = AwsEc2ServiceImpl.findEndpoint(logger, settings);
         assertThat(endpoint, is("ec2.endpoint"));
-        assertSettingDeprecationsAndWarnings(new Setting<?>[] {
-            AwsEc2Service.CLOUD_EC2.ENDPOINT_SETTING
-        });
     }
 }

plugins/discovery-ec2/src/test/java/org/elasticsearch/discovery/ec2/Ec2DiscoveryClusterFormationTests.java

@@ -27,7 +27,9 @@ import org.apache.http.client.utils.URLEncodedUtils;
 import org.elasticsearch.common.SuppressForbidden;
 import org.elasticsearch.common.io.FileSystemUtils;
 import org.elasticsearch.common.logging.Loggers;
+import org.elasticsearch.common.settings.MockSecureSettings;
 import org.elasticsearch.common.settings.Settings;
+import org.elasticsearch.discovery.DiscoveryModule;
 import org.elasticsearch.mocksocket.MockHttpServer;
 import org.elasticsearch.plugins.Plugin;
 import org.elasticsearch.test.ESIntegTestCase;
@@ -77,15 +79,17 @@ public class Ec2DiscoveryClusterFormationTests extends ESIntegTestCase {
         } catch (IOException e) {
             throw new RuntimeException(e);
         }
+        MockSecureSettings secureSettings = new MockSecureSettings();
+        secureSettings.setString(AwsEc2Service.ACCESS_KEY_SETTING.getKey(), "some_access");
+        secureSettings.setString(AwsEc2Service.SECRET_KEY_SETTING.getKey(), "some_secret");
         return Settings.builder().put(super.nodeSettings(nodeOrdinal))
-            .put("discovery.type", "ec2")
+            .put(DiscoveryModule.DISCOVERY_HOSTS_PROVIDER_SETTING.getKey(), "ec2")
             .put("path.logs", resolve)
             .put("transport.tcp.port", 0)
             .put("node.portsfile", "true")
-            .put("cloud.aws.access_key", "some_access")
-            .put("cloud.aws.secret_key", "some_key")
-            .put(AwsEc2Service.CLOUD_EC2.ENDPOINT_SETTING.getKey(), "http://" + httpServer.getAddress().getHostName() + ":" +
+            .put(AwsEc2Service.ENDPOINT_SETTING.getKey(), "http://" + httpServer.getAddress().getHostName() + ":" +
                 httpServer.getAddress().getPort())
+            .setSecureSettings(secureSettings)
             .build();
     }
 

plugins/discovery-ec2/src/test/java/org/elasticsearch/discovery/ec2/Ec2DiscoverySettingsTests.java

@@ -1,116 +0,0 @@
-/*
- * Licensed to Elasticsearch under one or more contributor
- * license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright
- * ownership. Elasticsearch licenses this file to you under
- * the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.elasticsearch.discovery.ec2;
-
-import com.amazonaws.Protocol;
-import org.elasticsearch.common.settings.Setting;
-import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.test.ESTestCase;
-
-import static org.hamcrest.Matchers.is;
-import static org.hamcrest.Matchers.isEmptyString;
-
-public class Ec2DiscoverySettingsTests extends ESTestCase {
-
-    private static final Settings AWS = Settings.builder()
-        .put(AwsEc2Service.KEY_SETTING.getKey(), "global-key")
-        .put(AwsEc2Service.SECRET_SETTING.getKey(), "global-secret")
-        .put(AwsEc2Service.PROTOCOL_SETTING.getKey(), "https")
-        .put(AwsEc2Service.PROXY_HOST_SETTING.getKey(), "global-proxy-host")
-        .put(AwsEc2Service.PROXY_PORT_SETTING.getKey(), 10000)
-        .put(AwsEc2Service.PROXY_USERNAME_SETTING.getKey(), "global-proxy-username")
-        .put(AwsEc2Service.PROXY_PASSWORD_SETTING.getKey(), "global-proxy-password")
-        .build();
-
-    private static final Settings EC2 = Settings.builder()
-        .put(AwsEc2Service.CLOUD_EC2.KEY_SETTING.getKey(), "ec2-key")
-        .put(AwsEc2Service.CLOUD_EC2.SECRET_SETTING.getKey(), "ec2-secret")
-        .put(AwsEc2Service.CLOUD_EC2.PROTOCOL_SETTING.getKey(), "http")
-        .put(AwsEc2Service.CLOUD_EC2.PROXY_HOST_SETTING.getKey(), "ec2-proxy-host")
-        .put(AwsEc2Service.CLOUD_EC2.PROXY_PORT_SETTING.getKey(), 20000)
-        .put(AwsEc2Service.CLOUD_EC2.PROXY_USERNAME_SETTING.getKey(), "ec2-proxy-username")
-        .put(AwsEc2Service.CLOUD_EC2.PROXY_PASSWORD_SETTING.getKey(), "ec2-proxy-password")
-        .put(AwsEc2Service.CLOUD_EC2.ENDPOINT_SETTING.getKey(), "ec2-endpoint")
-        .build();
-
-    /**
-     * We test when only cloud.aws settings are set
-     */
-    public void testRepositorySettingsGlobalOnly() {
-        Settings nodeSettings = buildSettings(AWS);
-        assertThat(AwsEc2Service.CLOUD_EC2.KEY_SETTING.get(nodeSettings), is("global-key"));
-        assertThat(AwsEc2Service.CLOUD_EC2.SECRET_SETTING.get(nodeSettings), is("global-secret"));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROTOCOL_SETTING.get(nodeSettings), is(Protocol.HTTPS));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROXY_HOST_SETTING.get(nodeSettings), is("global-proxy-host"));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROXY_PORT_SETTING.get(nodeSettings), is(10000));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROXY_USERNAME_SETTING.get(nodeSettings), is("global-proxy-username"));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROXY_PASSWORD_SETTING.get(nodeSettings), is("global-proxy-password"));
-        assertThat(AwsEc2Service.CLOUD_EC2.ENDPOINT_SETTING.get(nodeSettings), isEmptyString());
-        assertSettingDeprecationsAndWarnings(new Setting<?>[] {
-                AwsEc2Service.KEY_SETTING,
-                AwsEc2Service.SECRET_SETTING,
-                AwsEc2Service.PROTOCOL_SETTING,
-                AwsEc2Service.PROXY_HOST_SETTING,
-                AwsEc2Service.PROXY_PORT_SETTING,
-                AwsEc2Service.PROXY_USERNAME_SETTING,
-                AwsEc2Service.PROXY_PASSWORD_SETTING,
-        });
-    }
-
-    /**
-     * We test when cloud.aws settings are overloaded by cloud.aws.ec2 settings
-     */
-    public void testRepositorySettingsGlobalOverloadedByEC2() {
-        Settings nodeSettings = buildSettings(AWS, EC2);
-        assertThat(AwsEc2Service.CLOUD_EC2.KEY_SETTING.get(nodeSettings), is("ec2-key"));
-        assertThat(AwsEc2Service.CLOUD_EC2.SECRET_SETTING.get(nodeSettings), is("ec2-secret"));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROTOCOL_SETTING.get(nodeSettings), is(Protocol.HTTP));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROXY_HOST_SETTING.get(nodeSettings), is("ec2-proxy-host"));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROXY_PORT_SETTING.get(nodeSettings), is(20000));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROXY_USERNAME_SETTING.get(nodeSettings), is("ec2-proxy-username"));
-        assertThat(AwsEc2Service.CLOUD_EC2.PROXY_PASSWORD_SETTING.get(nodeSettings), is("ec2-proxy-password"));
-        assertThat(AwsEc2Service.CLOUD_EC2.ENDPOINT_SETTING.get(nodeSettings), is("ec2-endpoint"));
-        assertSettingDeprecationsAndWarnings(new Setting<?>[] {
-            AwsEc2Service.KEY_SETTING,
-            AwsEc2Service.SECRET_SETTING,
-            AwsEc2Service.PROTOCOL_SETTING,
-            AwsEc2Service.PROXY_HOST_SETTING,
-            AwsEc2Service.PROXY_PORT_SETTING,
-            AwsEc2Service.PROXY_USERNAME_SETTING,
-            AwsEc2Service.PROXY_PASSWORD_SETTING,
-            AwsEc2Service.CLOUD_EC2.KEY_SETTING,
-            AwsEc2Service.CLOUD_EC2.SECRET_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROTOCOL_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROXY_HOST_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROXY_PORT_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROXY_USERNAME_SETTING,
-            AwsEc2Service.CLOUD_EC2.PROXY_PASSWORD_SETTING,
-            AwsEc2Service.CLOUD_EC2.ENDPOINT_SETTING
-        });
-    }
-
-    private Settings buildSettings(Settings... global) {
-        Settings.Builder builder = Settings.builder();
-        for (Settings settings : global) {
-            builder.put(settings);
-        }
-        return builder.build();
-    }
-}

plugins/discovery-ec2/src/test/java/org/elasticsearch/discovery/ec2/Ec2DiscoveryTests.java

@@ -21,7 +21,6 @@ package org.elasticsearch.discovery.ec2;
 
 import com.amazonaws.services.ec2.model.Tag;
 import org.elasticsearch.Version;
-import org.elasticsearch.discovery.ec2.AwsEc2Service.DISCOVERY_EC2;
 import org.elasticsearch.cluster.node.DiscoveryNode;
 import org.elasticsearch.common.io.stream.NamedWriteableRegistry;
 import org.elasticsearch.common.network.NetworkService;
@@ -113,7 +112,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
             poorMansDNS.put(AmazonEC2Mock.PREFIX_PRIVATE_IP + (i+1), buildNewFakeTransportAddress());
         }
         Settings nodeSettings = Settings.builder()
-                .put(DISCOVERY_EC2.HOST_TYPE_SETTING.getKey(), "private_ip")
+                .put(AwsEc2Service.HOST_TYPE_SETTING.getKey(), "private_ip")
                 .build();
         List<DiscoveryNode> discoveryNodes = buildDynamicNodes(nodeSettings, nodes);
         assertThat(discoveryNodes, hasSize(nodes));
@@ -132,7 +131,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
             poorMansDNS.put(AmazonEC2Mock.PREFIX_PUBLIC_IP + (i+1), buildNewFakeTransportAddress());
         }
         Settings nodeSettings = Settings.builder()
-                .put(DISCOVERY_EC2.HOST_TYPE_SETTING.getKey(), "public_ip")
+                .put(AwsEc2Service.HOST_TYPE_SETTING.getKey(), "public_ip")
                 .build();
         List<DiscoveryNode> discoveryNodes = buildDynamicNodes(nodeSettings, nodes);
         assertThat(discoveryNodes, hasSize(nodes));
@@ -153,7 +152,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
                 AmazonEC2Mock.SUFFIX_PRIVATE_DNS, buildNewFakeTransportAddress());
         }
         Settings nodeSettings = Settings.builder()
-                .put(DISCOVERY_EC2.HOST_TYPE_SETTING.getKey(), "private_dns")
+                .put(AwsEc2Service.HOST_TYPE_SETTING.getKey(), "private_dns")
                 .build();
         List<DiscoveryNode> discoveryNodes = buildDynamicNodes(nodeSettings, nodes);
         assertThat(discoveryNodes, hasSize(nodes));
@@ -176,7 +175,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
                 + AmazonEC2Mock.SUFFIX_PUBLIC_DNS, buildNewFakeTransportAddress());
         }
         Settings nodeSettings = Settings.builder()
-                .put(DISCOVERY_EC2.HOST_TYPE_SETTING.getKey(), "public_dns")
+                .put(AwsEc2Service.HOST_TYPE_SETTING.getKey(), "public_dns")
                 .build();
         List<DiscoveryNode> discoveryNodes = buildDynamicNodes(nodeSettings, nodes);
         assertThat(discoveryNodes, hasSize(nodes));
@@ -193,7 +192,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
 
     public void testInvalidHostType() throws InterruptedException {
         Settings nodeSettings = Settings.builder()
-                .put(DISCOVERY_EC2.HOST_TYPE_SETTING.getKey(), "does_not_exist")
+                .put(AwsEc2Service.HOST_TYPE_SETTING.getKey(), "does_not_exist")
                 .build();
 
         IllegalArgumentException exception = expectThrows(IllegalArgumentException.class, () -> {
@@ -205,7 +204,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
     public void testFilterByTags() throws InterruptedException {
         int nodes = randomIntBetween(5, 10);
         Settings nodeSettings = Settings.builder()
-                .put(DISCOVERY_EC2.TAG_SETTING.getKey() + "stage", "prod")
+                .put(AwsEc2Service.TAG_SETTING.getKey() + "stage", "prod")
                 .build();
 
         int prodInstances = 0;
@@ -230,7 +229,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
     public void testFilterByMultipleTags() throws InterruptedException {
         int nodes = randomIntBetween(5, 10);
         Settings nodeSettings = Settings.builder()
-                .putArray(DISCOVERY_EC2.TAG_SETTING.getKey() + "stage", "prod", "preprod")
+                .putArray(AwsEc2Service.TAG_SETTING.getKey() + "stage", "prod", "preprod")
                 .build();
 
         int prodInstances = 0;
@@ -269,7 +268,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
         }
 
         Settings nodeSettings = Settings.builder()
-            .put(DISCOVERY_EC2.HOST_TYPE_SETTING.getKey(), "tag:foo")
+            .put(AwsEc2Service.HOST_TYPE_SETTING.getKey(), "tag:foo")
             .build();
 
         List<List<Tag>> tagsList = new ArrayList<>();
@@ -315,7 +314,7 @@ public class Ec2DiscoveryTests extends ESTestCase {
 
     public void testGetNodeListCached() throws Exception {
         Settings.Builder builder = Settings.builder()
-                .put(DISCOVERY_EC2.NODE_CACHE_TIME_SETTING.getKey(), "500ms");
+                .put(AwsEc2Service.NODE_CACHE_TIME_SETTING.getKey(), "500ms");
         AwsEc2Service awsEc2Service = new AwsEc2ServiceMock(Settings.EMPTY, 1, null);
         DummyEc2HostProvider provider = new DummyEc2HostProvider(builder.build(), transportService, awsEc2Service) {
             @Override

plugins/discovery-ec2/src/test/java/org/elasticsearch/discovery/ec2/Ec2DiscoveryUpdateSettingsTests.java

@@ -22,6 +22,7 @@ package org.elasticsearch.discovery.ec2;
 
 import org.elasticsearch.action.admin.cluster.settings.ClusterUpdateSettingsResponse;
 import org.elasticsearch.common.settings.Settings;
+import org.elasticsearch.discovery.DiscoveryModule;
 import org.elasticsearch.test.ESIntegTestCase.ClusterScope;
 import org.elasticsearch.test.ESIntegTestCase.Scope;
 
@@ -36,7 +37,7 @@ import static org.hamcrest.CoreMatchers.is;
 public class Ec2DiscoveryUpdateSettingsTests extends AbstractAwsTestCase {
     public void testMinimumMasterNodesStart() {
         Settings nodeSettings = Settings.builder()
-                .put("discovery.type", "ec2")
+                .put(DiscoveryModule.DISCOVERY_HOSTS_PROVIDER_SETTING.getKey(), "ec2")
                 .build();
         internalCluster().startNode(nodeSettings);