I have an AWS Elasticsearch environment and I believe I’m having trouble authenticating to the Elasticsearch server via IP. We’d like not to use any IAM user policy for this piece of software if possible, and only use an IP based strategy for authenticating. The reason I think we are having problems is that when I connect using an IAM user’s credentials, everything works great, but when I remove those credentials, I see errors like this:
That response if from a ping request. It is using C# and the NEST library. The code is as simple as this:
Based on this, is it possible that somehow it is attempting to authenticate as some hidden IAM user? I ask this because if an Index is attempted, the response instead changes to say this:
The IAM user it is referring to is one from a different environment completely, so we must have left some remnant of it is this environment. Where is it pulling that the IAM user info from?
Note that obviously endpoint URIs and user info has been replaced.