Hi everyone,
I am trying out ElasticSearch on AWS and ran into the following error while trying to access the provided Kabana endpoint:
{"Message":"User: anonymous is not authorized to perform: es:ESHttpGet"}
This turned out to be pretty simply, I just needed to whitelist my IP. Go to your search domain in the aws console, click access and finally select “Modify access policy”:
Then all you need to do is add another statement that gives your current ip access:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": [ "es:ESHttp*" ], "Condition": { "IpAddress": { "aws:SourceIp": [ "192.0.2.0/24" ] } }, "Resource": "arn:aws:es:us-west-1:987654321098:domain/test-domain/*" } ] }
Feel free to comment below if you hit any issues, but I also found the following links pretty helpful:
https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html#es-ac-types-ip
https://aws.amazon.com/premiumsupport/knowledge-center/anonymous-not-authorized-elasticsearch/