Hi all!
I'm trying to register an S3 bucket as my snapshot repository.
I'm using Elasticsearch Service, from AWS (which uses version 5.5 of Elasticsearch)
When I run this script
import boto3 import requests from requests_aws4auth import AWS4Auth host = '' # include https:// and trailing / region = '' # e.g. us-west-1 service = 'es' credentials = boto3.Session().get_credentials() awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, region, service, session_token=credentials.token) # Register repository path = '_snapshot/my-snapshot-repo' # the Elasticsearch API endpoint url = host + path payload = { "type": "s3", "settings": { "bucket": "s3-bucket-name", "region": "us-west-1", "role_arn": "arn:aws:iam::123456789012:role/TheSnapshotRole" } } headers = {"Content-Type": "application/json"} r = requests.put(url, auth=awsauth, json=payload, headers=headers) print(r.status_code) print(r.text)
I get this error:
{"error":{"root_cause":[{"type":"a_w_s_security_token_service_exception","reason":"a_w_s_security_token_service_exception: Access denied (Service: AWSSecurityTokenService; Status Code: 403; Error Code: AccessDenied; Request ID: 8df9ffae-be16-11e9-a6c9-5561e849f8ed)"}],"type":"blob_store_exception","reason":"failed to check if blob exists","caused_by":{"type":"a_w_s_security_token_service_exception","reason":"a_w_s_security_token_service_exception: Access denied (Service: AWSSecurityTokenService; Status Code: 403; Error Code: AccessDenied; Request ID: 8df9ffae-be16-11e9-a6c9-5561e849f8ed)"}},"status":500}
I've seen posts with similar errors but none of them have any response.