2 Answers
- Newest
- Most votes
- Most comments
0
You can use the AWS Policy generator - https://awspolicygen.s3.amazonaws.com/policygen.html. Choose IAM policy and add the relevant information in order to create the policy.
0
There are a few things you can check:
- Ensure that the user or role associated with the
aws_profile
set in your provider hassts:AssumeRole
permission on the role you created. - The provider configuration you posted is explicitly disabling signing of AWS requests. This setting is intended for using HTTP Basic Auth. I recommend configuring your opensearch provider with
sign_aws_requests = true
for use with IAM authentication. - If you have Fine-Grained Access Control enabled and the role you are using is not set as the master user, you may need to add a role mapping for the role you are trying to use.
answered 10 months ago
Relevant content
- Accepted Answerasked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated a year ago