When I click on elasticsearch domain endpoint it tells me unauthorized. Moreover, I tried using curl and the same issue. I've written a lambda function that takes data from dynamodb and tries to put into es and I'm getting 403 status.
Configuration for es domain:
- Allow open access
- Created a master user (not sure the exact function of this. probably used for accessing kibana?)
- Following is the permission:
{ "Version": "2012-10-17", "Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "es:*",
"Resource": "arn:aws:es:us-west-2:[ACCOUNT_ID]:domain/[ES_DOMAIN]/*"
} ] }
Lambda has the following role:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"es:ESHttpPost",
"es:ESHttpPut",
"dynamodb:DescribeStream",
"dynamodb:GetRecords",
"dynamodb:GetShardIterator",
"dynamodb:ListStreams",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "*"
}
]
}
Does anyone know what is wrong or what am I missing here?
