I'm trying to do a search query to my Opensearch Serverless index but i keep getting the following error:
403 - Forbidden: {
"code": 403,
"message": "search_phase_execution_exception: [security_exception] Reason: Bad Authorization"
}
Here is my function to query the index:
const searchDocument = async ({ index, document }) => {
const query = { query: { match: { description: document } } };
console.log('query search document:', query);
const checkingSearch = await client.search({ index, body: query });
console.log('checkingSearch:', checkingSearch);
return checkingSearch;
};
I thought it may have been an IAM permission issue, but I'm using the same permissions I have for a separate lambda function where it is updating the index and it works fine. Here is a snippet of my IAM permission:
iamRoleStatements:
- Effect: Allow
Action:
- aoss:APIAccessAll
- aoss:DeleteCollection
- aoss:UpdateCollection
Resource:
- arn:aws:aoss:${aws:region}:${aws:accountId}:collection/open_search_collection_id
- Effect: Allow
Action:
- aoss:DashboardsAccessAll
Resource:
- arn:aws:aoss:${aws:region}:${aws:accountId}:dashboards/default
- Effect: Allow
Action:
- aoss:*
Resource:
- '*'
- Effect: Allow
Action:
- dynamodb:GetItem
- dynamodb:Query
- dynamodb:BatchGetItem
Resource: 'arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${opt:stage, self:provider.stage}-DBNAME*'
Not that i can see. This is what is outputting in the logs:
What happens if I grant Administrator privileges to try it out? If execution fails even after granting Administrator, the problem is probably in something other than IAM.