[英]403 forbidden error while getting indexes from AWS Elastic search using AWS SDK
I am using AWS SDK to connect to elastic search. 我正在使用AWS开发工具包连接到弹性搜索。 I am following https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-indexing.html 我正在关注https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-indexing.html
Other question in this topic were more like permission issues or issue while writing to elasticsearch. 该主题中的其他问题更像是许可问题或写到Elasticsearch时的问题。 For me writing is working fine, only reading is giving me the error 对我来说,写作很好,只有阅读才给我错误
The POST method works all fine and it is adding the indexes. POST方法可以正常工作,并且正在添加索引。 I am making a GET request for search in the same manner 我以相同的方式发出GET请求进行搜索
public void getIndexedRecords(String index,String type,String id,String documentJSON){
try {
String endpoint = host +"/" +index+"/_search" ;
// Builds the request. We need an AWS service, URI, HTTP method, and request
// body (in this case, JSON).
Request<?> request = new DefaultRequest<Void>(service);
request.setEndpoint(new URI(endpoint));
request.setHttpMethod(HttpMethodName.GET);
request.setContent(new ByteArrayInputStream(documentJSON.getBytes()));
// Retrieves our credentials from the computer. For more information on where
// this class looks for credentials, see
// http://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/auth/DefaultAWSCredentialsProviderChain.html.
String accessKey = CommonUtils.getCommonProperty("accessKey", "");
String secretKey = CommonUtils.getCommonProperty("secretKey", "");;
AWSCredentials creds = new BasicAWSCredentials(accessKey, secretKey);
// Signs the request using our region, service, and credentials. AWS4Signer
// modifies the original request rather than returning a new request.
AWS4Signer signer = new AWS4Signer();
signer.setRegionName(region);
signer.setServiceName(service);
signer.sign(request, creds);
request.addHeader("Content-Type", "application/json");
// Creates and configures the HTTP client, creates the error and response
// handlers, and finally executes the request.
ClientConfiguration config = new ClientConfiguration();
config.setProtocol(Protocol.HTTPS);
AmazonHttpClient client = new AmazonHttpClient(config);
System.out.println(client);
ExecutionContext context = new ExecutionContext(true);
ESAWSErrorHandler errorHandler = new ESAWSErrorHandler();
ESAWSResponseHandler<Void> responseHandler = new ESAWSResponseHandler<Void>();
client.requestExecutionBuilder().executionContext(context).errorResponseHandler(errorHandler).request(request)
.execute(responseHandler);
} catch (Exception e) {
e.printStackTrace();
}
}
But it gives me a 403 forbidden error. 但这给了我403禁止的错误。 When I do Curl XGET with my endpoint url I am getting the result. 当我使用端点URL进行XGET卷曲时,我得到了结果。 What am I doing wrong here? 我在这里做错了什么?
com.amazonaws.AmazonServiceException: (Service: null; Status Code: 403; Error Code: Forbidden; Request ID: null) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1588) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1258) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1030) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:742) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:716) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:699) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:667) at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:649) com.amazonaws.http.AmazonHttpClient $ RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1588)上的com.amazonaws.AmazonServiceException:(服务:null;状态代码:403;错误代码:禁止;请求ID:null)。 com.amazonaws上的http.AmazonHttpClient $ RequestExecutor.executeOneRequest(AmazonHttpClient.java:1258)。com.amazonaws上的http.AmazonHttpClient $ RequestExecutor.executeHelper(AmazonHttpClient.java:1030).http.AmazonHttpClient $ RequestExecutor.doExecute(AmazonHttpClient.java: 742)com.amazonaws.http.AmazonHttpClient $ RequestExecutor.executeWithTimer(AmazonHttpClient.java:716)com.amazonaws.http.AmazonHttpClient $ RequestExecutor.execute(AmazonHttpClient.java:699)com.amazonaws.http.AmazonHttpClient $ RequestExecutor com.amazonaws.http上的.access $ 500(AmazonHttpClient.java:667).AmazonHttpClient $ RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:649)
I guess you would need es:ESHttpGet
in your ES policy. 我想您在ES策略中需要es:ESHttpGet
。
Reference: 参考:
Amazon Elasticsearch Service Access Control Amazon Elasticsearch Service访问控制
Control Access to Your Amazon Elasticsearch Service Domain 控制对Amazon Elasticsearch Service域的访问
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.