I have spring boot app deployed to AWS EKS, and an OpenSearch server on AWS, I’m getting this error when the java code below gets executed:
OpenSearch server:
Managed opensearch cluster,
version: 2.11,
VPC
Error:
[security_exception] authentication/authorization failure
at org.opensearch.client.transport.aws.AwsSdk2Transport.parseResponse(AwsSdk2Transport.java:54
1) ~[opensearch-java-2.22.0.jar!/:?]
Java code:
SdkHttpClient httpClient = ApacheHttpClient.builder().build();
OpenSearchClient client = new OpenSearchClient(
new AwsSdk2Transport(
httpClient,
"search-...us-west-2.es.amazonaws.com", // OpenSearch endpoint, without https://
"es",
Region.US_WEST_2, // signing service region
AwsSdk2TransportOptions.builder().build()
)
);
String indexName = "test-index";
BooleanResponse booleanResponse = openSearchClient
.indices()
.exists(ExistsRequest.of(builder -> builder.index(List.of(indexName))));
Pom.xml:
<dependency>
<groupId>org.opensearch.client</groupId>
<artifactId>opensearch-java</artifactId>
<version>2.22.0</version>
</dependency>
<dependency>
<groupId>org.opensearch.client</groupId>
<artifactId>opensearch-rest-client</artifactId>
<version>2.19.1</version>
</dependency>
Access policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "es:*",
"Resource": "arn:aws:es:us-west-2:987654321098:domain/my-domain/*"
}
]
}