I'm studying about ELK Stack and AWS Gateway.
I created AWS ElasticSearch and set this access policy: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::[AWS account ID]:root" }, "Action": "es:*", "Resource": "arn:aws:es:sa-east-1:[AWS account ID]:domain/camarar-elk/*" } ] }
PS: I try to use with this policy too: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::[AWS account ID]:user/[User]" }, "Action": "es:*", "Resource": "arn:aws:es:sa-east-1:[AWS account ID]:domain/camarar-elk/*" } ] }
After, I created an AWS API Gateway using http proxy and GET method to route all request to Kibana url. And in this Gateway I using one AWS IAM to access Kibana.
Finally, I created an user of AWS IAM with this policy "AmazonESFullAccess".
All the time I received the same error:{"Message":"User: anonymous is not authorized to perform: es:ESHttpGet on resource: camarar-elk"}
Anybody could you please help me to resolve this problem?