1 Answer
- Newest
- Most votes
- Most comments
0
It looks like your co-worker is getting an authorization error, which means their request is not being allowed by the IP-based access policy. One thing you can check is whether your co-worker's IP address is correct and within the CIDR range specified in the policy.
If the IP address is correct, you can try removing the "AWS" principal from the policy and specify the "Condition" block with the "IpAddress" field only. Here's an example:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "es:*",
"Resource": "arn:aws:es:us-east-1:564646946125:domain/test-domain/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": [
"x.x.x.x/32",
"y.y.y.y/32"
]
}
}
}
]
}
Make sure to replace the IP addresses with the correct ones for you and your co-worker. Also, make sure that both of you are using the correct AWS access keys when making requests to the OpenSearch domain.
answered a year ago
Relevant content
- asked 2 years ago
- asked 7 months ago
- asked 6 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago