Reputation: 545
Running into error when trying register a S3 bucket as a repository for OpenSearch snapshots
I'm very new to AWS OpenSearch and have been grappling with this for over a week; need help trying to register a S3 bucket as a repository but running into following error:
user/test is not authorized to perform: es:ESHttpPut with an explicit deny in an identity-based policy.
I have checked all policies under user/test and I do not see a explicit deny.
Using Python to setup repository: https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-snapshot-registerdirectory.html
I have followed following article to set up Role/policy:
I am logging into a instance that has access to the opensearch domain setup in a vpc with fine grained access enabled, so not open to public and running the py script from there to register s3 as a repository.
What else can I check for any explicit deny? Any other documentation I can use to get a s3 repo to register? I have also mapped user/test and the backend role in the OpenSearch manage_snapshots section of the console. Not sure if the mapping is helping.
Any guidance is much appreciated.
Thanks.
Upvotes: 0
Views: 61
Answers (0)
Related Questions
- kubectl error You must be logged in to the server (Unauthorized) when accessing EKS cluster
- DNS Resolution Issue between Step Function and OpenSearch Domain in VPC Environment
- Getting 403 Forbidden on AWS OpenSearch Serverless
- How should I permission my AWS Lambdas to be able to query OpenSearch?
- opensearch authentication with opensearch-py on aws lambda
- Proper access policy for Amazon Elastic Search Cluster