在 AWS 上弹性搜索 {“Message":“User:anonymous is notauthorized to perform: es:ESHttpGet"} [英] On AWS elastic search {"Message":"User: anonymous is not authorized to perform: es:ESHttpGet"}

查看：16 发布时间：2021/10/27 19:17:00 python amazon-web-services aws-lambda aws-elasticsearch

本文介绍了在 AWS 上弹性搜索 {“Message":“User:anonymous is notauthorized to perform: es:ESHttpGet"}的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我已经创建了 AWS elasticsearch 域

下面是运行良好的代码

导入boto3从 requests_aws4auth 导入 AWS4Auth从 elasticsearch 导入 Elasticsearch，RequestsHttpConnectionsession = boto3.session.Session()凭证 = session.get_credentials()awsauth = AWS4Auth(credentials.access_key,凭据.secret_key，session.region_name, 'es',session_token=credentials.token)es = 弹性搜索(['https://search-testelastic-2276kyz2u4l3basec63onfq73a.us-east-1.es.amazonaws.com']，http_auth=awsauth,use_ssl=True,verify_certs=真，connection_class=RequestsHttpConnection)def lambda_handler(事件，上下文):es.cluster.health()es.indices.create(index='my-index', ignore=400)r = [{'姓名':'博士.Christopher DeSimone', 'Specialised and Location': 'Health'},{'姓名':'博士.Tajwar Aamir (Aamir)', 'Specialised and Location': 'Health'},{'姓名':'博士.Bernard M. Aaron', 'Specialised and Location': 'Health'},{'Name': 'Eliana M. Aaron', 'Specialised and Location': 'Health'},{'姓名':'博士.Joseph J. Aaron', 'Specialised and Location': 'Health'},{'姓名':'博士.Michael R. Aaron', 'Specialised and Location': 'Health'},{'姓名':'博士.Darryl H. Aarons', 'Specialised and Location': 'Health'},{'姓名':'博士.William B. Aarons', 'Specialised and Location': 'Health'},{'姓名':'博士.Sirike T. Aasmaa', 'Specialised and Location': 'Health'},{'姓名':'博士.Jacobo A. Abadi"，专业和位置":健康"}]对于 e 枚举(r):es.index(index="my-index", body=e[1])

以下是访问策略

<代码>{版本":2012-10-17"，声明":[{效果":允许"，校长":{AWS":*"},动作":es:*"，资源":arn:aws:es:us-east-1:xxxxxx:domain/xxxxx/*",条件":{IP地址":{aws:SourceIp":*"}}}]}

解决方案

此错误表明您的 ElasticSearch 服务不支持匿名请求(未使用有效 IAM 凭据签名的请求).

虽然您的政策正常，但官方允许所有政策如下所示

<代码>{版本":2012-10-17"，声明":[{效果":允许"，校长":{AWS":*"},动作":es:*"，资源":arn:aws:es:us-east-1:xxxxxx:domain/xxxxx/*"}]}

I have created AWS elasticsearch domain

https://search-xx-xx.us-east-1.es.amazonaws.com/

On click both elastic url and kibana below is the error i got

{"Message":"User: anonymous is not authorized to perform: es:ESHttpGet"}

Below is code which is working fine

import boto3
from requests_aws4auth import AWS4Auth
from elasticsearch import Elasticsearch, RequestsHttpConnection
session = boto3.session.Session()
credentials = session.get_credentials()

awsauth = AWS4Auth(credentials.access_key,
                   credentials.secret_key,
                   session.region_name, 'es',
                   session_token=credentials.token)
es = Elasticsearch(
    ['https://search-testelastic-2276kyz2u4l3basec63onfq73a.us-east-1.es.amazonaws.com'],
    http_auth=awsauth,
    use_ssl=True,
    verify_certs=True,
    connection_class=RequestsHttpConnection
)


def lambda_handler(event, context):
    es.cluster.health()
    es.indices.create(index='my-index', ignore=400)
    r = [{'Name': 'Dr. Christopher DeSimone', 'Specialised and Location': 'Health'},
 {'Name': 'Dr. Tajwar Aamir (Aamir)', 'Specialised and Location': 'Health'},
 {'Name': 'Dr. Bernard M. Aaron', 'Specialised and Location': 'Health'},
 {'Name': 'Eliana M. Aaron', 'Specialised and Location': 'Health'},
 {'Name': 'Dr. Joseph J. Aaron', 'Specialised and Location': 'Health'},
 {'Name': 'Dr. Michael R. Aaron', 'Specialised and Location': 'Health'},
 {'Name': 'Dr. Darryl H. Aarons', 'Specialised and Location': 'Health'},
 {'Name': 'Dr. William B. Aarons', 'Specialised and Location': 'Health'},
 {'Name': 'Dr. Sirike T. Aasmaa', 'Specialised and Location': 'Health'},
 {'Name': 'Dr. Jacobo A. Abadi', 'Specialised and Location': 'Health'}]
    for e in enumerate(r):
         es.index(index="my-index", body=e[1])

Below is the access policy

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "es:*",
      "Resource": "arn:aws:es:us-east-1:xxxxxx:domain/xxxxx/*",
      "Condition": {
        "IpAddress": {
          "aws:SourceIp": "*"
        }
      }
    }
  ]
}

解决方案

This error would indicate your ElasticSearch service does not support anonymous requests (those not signed with valid IAM credentials).

Although your policy sees ok the official allow all policy looks like the below

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "es:*",
      "Resource": "arn:aws:es:us-east-1:xxxxxx:domain/xxxxx/*"
    }
  ]
}

这篇关于在 AWS 上弹性搜索 {“Message":“User:anonymous is notauthorized to perform: es:ESHttpGet"}的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

在 AWS 上弹性搜索 {“Message":“User:anonymous is notauthorized to perform: es:ESHttpGet"} [英] On AWS elastic search {"Message":"User: anonymous is not authorized to perform: es:ESHttpGet"}

问题描述

相关文章

Python最新文章

热门教程

热门工具

登录关闭

在 AWS 上弹性搜索 {“Message":“User:anonymous is notauthorized to perform: es:ESHttpGet"} [英] On AWS elastic search {&quot;Message&quot;:&quot;User: anonymous is not authorized to perform: es:ESHttpGet&quot;}

问题描述

相关文章

Python最新文章

热门教程

热门工具

登录 关闭

在 AWS 上弹性搜索 {“Message":“User:anonymous is notauthorized to perform: es:ESHttpGet"} [英] On AWS elastic search {"Message":"User: anonymous is not authorized to perform: es:ESHttpGet"}

登录关闭