gpt4 book ai didi

amazon-web-services - 连接到Elasticsearch-Amazon Elasticsearch Service-IAM用户

转载 作者:行者123 更新时间:2023-12-02 22:32:06 25 4
gpt4 key购买 nike

我选择了“允许访问一个或多个AWS帐户或IAM用户”

我的访问政策

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::12345678910:user/elastic"
},
"Action": "es:*",
"Resource": "arn:aws:es:eu-west-1:123456789:domain/elastic-cluster/*"
}
]
}

我已经创建了一个IAM配置文件-
user - elastic 
password -hisdfdsfds
Access key Id - sdsfdssdfdsfdsfdsfsdfsd
Secret Access Key - sdsfdsfdsfsdfdsfds

当我尝试连接时
$params = array();
$params['hosts'] = array (
'search-elastic-cluster-sdfsdfsdfs.eu-east.es.amazonaws.com:80',
);

$client = new Elasticsearch\Client($params);

它引发以下错误:
{"Message":"User: anonymous is not authorized to perform: es:ESHttpPost on resource: arn:aws:es:eu-west-1:dsfdsfsdfsdsd:domain/elastic-cluster/sdsfsfds/sdfdsfdssd/_search"}

我发现可以通过已签名的版本4签名请求来访问它。我尝试这样做,但是不能。也许方法是错误的。

如果有人在创建对Elasticsearch域的签名版本4请求中提出建议,我将很高兴。使用我上面所述的参数的示例将非常有帮助。提前致谢。

最佳答案

该应用程序需要签署去Elasticsearch的请求。适用于您选择的语言的AWS开发工具包应具有创建签名请求凭证的方法。

当您向您的请求提供凭据时,应该没问题,一切顺利。

这是使用javascript sdk的代码段:

var AWS = require('aws-sdk');
var creds = new AWS.EnvironmentCredentials('AWS');

var esDomain = {
region: 'us-east-1',
endpoint: 'yoursearchdomain.region.amazonaws.com',
index: 'myindex',
doctype: 'mytype'
};

var endpoint = new AWS.Endpoint(esDomain.endpoint);

var req = new AWS.HttpRequest(endpoint);

req.method = 'POST';
req.path = path.join('/', esDomain.index, esDomain.doctype);
req.region = esDomain.region;
req.headers['presigned-expires'] = false;
req.headers['Host'] = endpoint.host;
req.headers['Content-Type'] = 'application/json';
req.body = doc;

var signer = new AWS.Signers.V4(req , 'es');
signer.addAuthorization(creds, new Date());

var send = new AWS.NodeHttpClient();
send.handleRequest(req, null, function(httpResp) {
var respBody = '';
httpResp.on('data', function (chunk) {
respBody += chunk;
});
httpResp.on('end', function (chunk) {
console.log('Response: ' + respBody);
context.succeed('Lambda added document ' + doc);
});
}, function(err) {
console.log('Error: ' + err);
context.fail('Lambda failed with error ' + err);
});

关于amazon-web-services - 连接到Elasticsearch-Amazon Elasticsearch Service-IAM用户,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34086661/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com