对不起!在 Kibana 和 Amazon Cognito 之间进行身份验证时出现问题
Sorry! Something went wrong during authentication between Kibana and Amazon Cognito
我将 AWS ElasticSearch 与 Cognito 结合使用,尝试登录时出现以下错误
Sorry!
Something went wrong during authentication between Kibana and Amazon Cognito.
What happened?
User: x:x:x::xx:x is not authorized to perform: es:ESHttpGet
我的 AWS ES 集群访问策略看起来像
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::xxxxxxxxx:role/service-role/CognitoAccessForAmazonES"
},
"Action": "es:ESHttp*",
"Resource": "arn:aws:es:xxxxxxx:xxxxxxx:domain/elastic-blah/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "xx.xx.xx.xx/32"
}
}
}
]
}
this link 中描述的可能问题。确保经过身份验证的角色具有访问您的 ES 域的适当权限。
经过 Amazon Cognito 身份验证的角色需要域 (/*) 的 es:ESHttp* 权限才能访问和使用 Kibana。检查您是否添加了允许经过身份验证的角色中指定的访问策略。
我遇到了同样的问题,从 Cognito 向 Auth Role 授予更多权限解决了这个问题。
我将 AWS ElasticSearch 与 Cognito 结合使用,尝试登录时出现以下错误
Sorry!
Something went wrong during authentication between Kibana and Amazon Cognito.
What happened?
User: x:x:x::xx:x is not authorized to perform: es:ESHttpGet
我的 AWS ES 集群访问策略看起来像
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::xxxxxxxxx:role/service-role/CognitoAccessForAmazonES"
},
"Action": "es:ESHttp*",
"Resource": "arn:aws:es:xxxxxxx:xxxxxxx:domain/elastic-blah/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "xx.xx.xx.xx/32"
}
}
}
]
}
this link 中描述的可能问题。确保经过身份验证的角色具有访问您的 ES 域的适当权限。
经过 Amazon Cognito 身份验证的角色需要域 (/*) 的 es:ESHttp* 权限才能访问和使用 Kibana。检查您是否添加了允许经过身份验证的角色中指定的访问策略。
我遇到了同样的问题,从 Cognito 向 Auth Role 授予更多权限解决了这个问题。