Hi everyone,
I am trying out ElasticSearch on AWS and ran into the following error while trying to access the provided Kabana endpoint:
{"Message":"User: anonymous is not authorized to perform: es:ESHttpGet"}
This turned out to be pretty simply, I just needed to whitelist my IP. Go to your search domain in the aws console, click access and finally select “Modify access policy”:
Then all you need to do is add another statement that gives your current ip access:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"es:ESHttp*"
],
"Condition": {
"IpAddress": {
"aws:SourceIp": [
"192.0.2.0/24"
]
}
},
"Resource": "arn:aws:es:us-west-1:987654321098:domain/test-domain/*"
}
]
}
Feel free to comment below if you hit any issues, but I also found the following links pretty helpful:
https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html#es-ac-types-ip
https://aws.amazon.com/premiumsupport/knowledge-center/anonymous-not-authorized-elasticsearch/
What I Broke - Programming and Web Development 