Can't seem to register a snapshot repository with AWS S3

I'm running an Elasticsearch V6.3.2 cluster on Kubernetes, and I've installed the repository-s3 plugin.
I've added my AWS Access Key and Secret Key to the elasticsearch.keystore.

I'm trying to register my snapshot repository with:

curl -X PUT -H "Content-Type: application/json" -d '{ "type": "s3", "settings": { "bucket": "efk-snapshots-k8s" } }' "localhost:9200/_snapshot/snap123"

The above request fails with:

    {
      "error":{
        "root_cause":[
          {
            "type":"amazon_s3_exception",
            "reason":"amazon_s3_exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: 962AE79FCC57FA8E; S3 Extended Request ID: kyx9TnYewW8NUk35CsJRLy7SF7iCsg515zhXtOMjz4EdsxGUBJYaqHgs/e2SZCatEWQHwLFd39k=)"
          }
        ],
        "type":"blob_store_exception",
        "reason":"Failed to check if blob [master.dat-temp] exists",
        "caused_by":{
          "type":"amazon_s3_exception",
          "reason":"amazon_s3_exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: 962AE79FCC57FA8E; S3 Extended Request ID: kyx9TnYewW8NUk35CsJRLy7SF7iCsg515zhXtOMjz4EdsxGUBJYaqHgs/e2SZCatEWQHwLFd39k=)"
        }
      },
      "status":500
    }

I have granted appropriate permissions with the IAM policy, even so far that I tried giving it complete S3 access, but still no luck. What's going wrong here?

I’m having the exact same issue and I’ve not been able to find a solution. Can you provide your IAM role permissions?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.