Opensearch access issue

0

Hi

I've created a test OpenSearch domain according to the guide https://docs.aws.amazon.com/opensearch-service/latest/developerguide/gsgcreate-domain.html

It has public access and fine-grained access control with a master user/password. But when I try to connect to OpenSearch with this command

curl -XPOST -u 'my-mster-user:my-mster-password' 'https://search-wb-elk-xqfw2gbhc4ie6ormpmsf3gb7ae.us-east-2.es.amazonaws.com/_bulk' --data-binary @movies.json -H 'Content-Type: application/json'

I get

"Message":"User: anonymous is not authorized to perform: es:ESHttpPost because no resource-based policy allows the es:ESHttpPost action"

Whereas I've set up everything by default, as it says in the guide.

What's the problem here?

Here is my access policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "AWS": "*" },
      "Action": "es:*",
      "Resource": "arn:aws:es:us-east-my-arn:domain/wb_elk/*"
    }
  ]
}

kirik
asked 2 years ago · 8905 views
3 answers
1

Your access policy looks odd. I understand you redacted your own account ID, but can you please double check if it follows the pattern below:

"Resource": "arn:aws:es:xxxxxxxx:0123456789012:domain/xxxxxx/*"

In your original message you got "us-east-my-arn", which should be something like "us-east-1:account_id" (note the missing region identifier, and there should be an account_id and not an ARN).

AWS
answered 2 years ago
  • Hi

    here is my unredacted access policy

    { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "" }, "Action": "es:", "Resource": "arn:aws:es:us-east-2:924827564867:domain/wb_elk/*" } ] }
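The Resource pattern given in the answer above can be checked mechanically against the endpoint the request is sent to. The following is an added example, not part of the original thread or of any AWS tool: `lint_policy` and `make_policy` are hypothetical helper names, the sample host and account ID are constructed placeholders, and the `search-<domain-name>-<id>.<region>.es.amazonaws.com` endpoint layout is an assumption.

```python
import json
import re

# Resource layout from the answer above: arn:aws:es:<region>:<account_id>:domain/<name>/*
ARN_RE = re.compile(r"^arn:aws:es:([a-z0-9-]+):(\d{12}):domain/([^/]+)(/.*)?$")
# Assumed public endpoint layout: search-<domain-name>-<random-id>.<region>.es.amazonaws.com
HOST_RE = re.compile(r"^search-([a-z0-9-]+)-[a-z0-9]+\.([a-z0-9-]+)\.es\.amazonaws\.com$")


def lint_policy(policy_json, endpoint_host):
    """Return findings for a domain access policy checked against the endpoint host."""
    host = HOST_RE.match(endpoint_host)
    if not host:
        return [f"unrecognised endpoint host {endpoint_host!r}"]
    host_domain, host_region = host.groups()
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be given as an object
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        resources = stmt.get("Resource", [])
        for res in [resources] if isinstance(resources, str) else resources:
            arn = ARN_RE.match(res)
            if not arn:
                findings.append(f"statement {i}: malformed Resource ARN {res!r}")
                continue
            region, _account, name, _path = arn.groups()
            if region != host_region:
                findings.append(f"statement {i}: region {region!r} != endpoint region {host_region!r}")
            if name != host_domain:
                findings.append(f"statement {i}: domain name {name!r} != endpoint domain {host_domain!r}")
    return findings


def make_policy(resource):
    """Build a constructed sample policy with the given Resource."""
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "es:*", "Resource": resource}]})


# Constructed sample values (placeholder account ID and endpoint, not from a real domain).
SAMPLE_HOST = "search-my-domain-abcdefghij0123456789abcdef.us-east-2.es.amazonaws.com"

if __name__ == "__main__":
    for res in ("arn:aws:es:us-east-2:123456789012:domain/my-domain/*",
                "arn:aws:es:us-east-my-arn:domain/my-domain/*",
                "arn:aws:es:us-east-2:123456789012:domain/my_domain/*"):
        print(res, "->", lint_policy(make_policy(res), SAMPLE_HOST) or "OK")
```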

1

Hi,

In case you have not yet tried it, please check this knowledge base article: "I get a "User: anonymous is not authorized" error when I try to access my Amazon OpenSearch Service cluster". It also mentions other possible causes / resolutions.

Hope this helps.

AWS
Expert
answered 2 years ago
0

Your access policy looks alright, except for the missing asterisks - but I think this is due to the markdown formatting here.

One thing you might check is the security setting within OpenSearch. You can go to OpenSearch Plugins > Security and check if that user has the proper permissions. You can get more info in the documentation, but the idea is that you need to create a user (you probably already have it) and then grant this user the appropriate permissions.

Also, I suggest editing your answer and redacting your AWS account ID: although not sensitive information, you should not share this unless necessary (otherwise others can use it to invoke

AWS
answered 2 years ago
  • Hi. As I get it, I open OpenSearch plugins through the Dashboards interface. But I can't access Dashboards either. When I go to the Dashboards link in my browser, it also says "Message":"User: anonymous is not authorized to perform: es:ESHttpPost because no resource-based policy allows the es:ESHttpPost action"
