-
|
I imported an OpenSearch cluster in the console, and returned response when i visit the OpenSearch Dashboard (via proxy, bastion or connected network). But i saw an error shows unauthorized. How to check and fix it? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
When creating a new OpenSearch cluster, the default setting in Access Policy part is “Configure domain level access policy”, and the json code will be like this.
This policy will deny all the access from any IAM role or user, which caused the unauthorized error when you visit the dashboard url. You need to change the Action from “Deny” to “Allow”. You can change it via Visual Editor, or in the json code. The access policy should be like this.
Then you can see the dashboard login page. For more information about access policy, please refer to Fine-grained access control. |
Beta Was this translation helpful? Give feedback.
When creating a new OpenSearch cluster, the default setting in Access Policy part is “Configure domain level access policy”, and the json code will be like this.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Deny", "Principal": { "AWS": [ "" ] }, "Action": [ "es:" ], "Resource": "arn:aws:es:REGION:ACCONT-ID:domain//*" } ] }This policy will deny all the access from any IAM role or user, which caused the unauthorized error when you visit the dashboard url. You need to change the Action from “Deny” to “Allow”. You can change it via Visual Editor, or in the json code. The access policy should be like this.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": {…