AWS ElasticSearch 服务上的身份验证最终失败错误
Authntication finally failed error on AWS ElasticSearch Service
我正在尝试将 Django 应用程序从使用 AWS ElasticSearch 2.3 升级到 7.4(同时升级 Django 包)。
我在本地 运行ning,但是当我尝试 运行 使用 AWS ElasticSearch7.4 时,我得到以下 Traceback
Traceback (most recent call last):
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/django/core/handlers/base.py", line 124, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/henry/Documents/Sites/Development/autumna2/autumna/src/search/views.py", line 169, in name_suggestions
field='name_suggestion',
File "/home/henry/Documents/Sites/Development/autumna2/autumna/src/search/views.py", line 129, in search_suggestions
data = sqs.execute(ignore_cache=True).to_dict()['hits']['hits']
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch_dsl/search.py", line 698, in execute
**self._params
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/client/utils.py", line 92, in _wrapped
return func(*args, params=params, headers=headers, **kwargs)
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/client/__init__.py", line 1627, in search
body=body,
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/transport.py", line 362, in perform_request
timeout=timeout,
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/connection/http_urllib3.py", line 248, in perform_request
self._raise_error(response.status, raw_data)
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/connection/base.py", line 244, in _raise_error
status_code, error_message, additional_info
elasticsearch.exceptions.AuthenticationException: AuthenticationException(401, 'Authentication finally failed')
我正在使用 django-elasticsearch-dsl
所以我只是在 settings.py
中声明了主机(这是我之前的直接替换)
ELASTICSEARCH_DSL = {
'default': {
'hosts': 'https://search-elastic7-zoqohjbiedz2ozmthfi4a3ccm4.eu-west-2.es.amazonaws.com', # I've changed this string
},
}
我正在使用 IAM 身份验证,并且我已授予 IAM 帐户对我的所有 ElasticSearch 实例的完全访问权限(但这与我在设置实例时使用的主用户和密码不同)。如果我需要那些,我该如何传递它们?如果不是,我做错了什么?
django-elasticsearch-dsl 似乎不支持 AWS ES 请求签名,这在您启用 IAM 身份验证时是必需的:
https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-request-signing.html
您可以通过完全打开 AWS ES 实例(无身份验证)来检查是否是问题所在。
如果其他人有问题,下面进行排序
from elasticsearch import Elasticsearch, RequestsHttpConnection
from requests_aws4auth import AWS4Auth
AWS_ACCESS_KEY_ID = os.environ.get('AWS_ACCESS_KEY_ID',"some key")
AWS_SECRET_ACCESS_KEY = os.environ.get('AWS_SECRET_ACCESS_KEY',"another secret key")
AWS_SERVICE = 'es'
AWS_ELASTICSEARCH = os.environ.get('AWS_ELASTICSEARCH','search-elastic7-zoqohjbiedz2ozmthfi4a3ccm4.eu-west-2.es.amazonaws.com')
http_auth = AWS4Auth(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, AWS_SERVICE)
ELASTICSEARCH_DSL = {
'default': {
'hosts': [{'host': AWS_ELASTICSEARCH, 'port': 443}],
'http_auth' : http_auth,
'use_ssl' : True,
'verify_certs' : True,
'connection_class' : RequestsHttpConnection
},
我正在尝试将 Django 应用程序从使用 AWS ElasticSearch 2.3 升级到 7.4(同时升级 Django 包)。
我在本地 运行ning,但是当我尝试 运行 使用 AWS ElasticSearch7.4 时,我得到以下 Traceback
Traceback (most recent call last):
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/django/core/handlers/base.py", line 124, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/henry/Documents/Sites/Development/autumna2/autumna/src/search/views.py", line 169, in name_suggestions
field='name_suggestion',
File "/home/henry/Documents/Sites/Development/autumna2/autumna/src/search/views.py", line 129, in search_suggestions
data = sqs.execute(ignore_cache=True).to_dict()['hits']['hits']
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch_dsl/search.py", line 698, in execute
**self._params
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/client/utils.py", line 92, in _wrapped
return func(*args, params=params, headers=headers, **kwargs)
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/client/__init__.py", line 1627, in search
body=body,
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/transport.py", line 362, in perform_request
timeout=timeout,
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/connection/http_urllib3.py", line 248, in perform_request
self._raise_error(response.status, raw_data)
File "/home/henry/Documents/Sites/Development/autumna2/env/lib/python3.6/site-packages/elasticsearch/connection/base.py", line 244, in _raise_error
status_code, error_message, additional_info
elasticsearch.exceptions.AuthenticationException: AuthenticationException(401, 'Authentication finally failed')
我正在使用 django-elasticsearch-dsl
所以我只是在 settings.py
中声明了主机(这是我之前的直接替换)
ELASTICSEARCH_DSL = {
'default': {
'hosts': 'https://search-elastic7-zoqohjbiedz2ozmthfi4a3ccm4.eu-west-2.es.amazonaws.com', # I've changed this string
},
}
我正在使用 IAM 身份验证,并且我已授予 IAM 帐户对我的所有 ElasticSearch 实例的完全访问权限(但这与我在设置实例时使用的主用户和密码不同)。如果我需要那些,我该如何传递它们?如果不是,我做错了什么?
django-elasticsearch-dsl 似乎不支持 AWS ES 请求签名,这在您启用 IAM 身份验证时是必需的: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-request-signing.html
您可以通过完全打开 AWS ES 实例(无身份验证)来检查是否是问题所在。
如果其他人有问题,下面进行排序
from elasticsearch import Elasticsearch, RequestsHttpConnection
from requests_aws4auth import AWS4Auth
AWS_ACCESS_KEY_ID = os.environ.get('AWS_ACCESS_KEY_ID',"some key")
AWS_SECRET_ACCESS_KEY = os.environ.get('AWS_SECRET_ACCESS_KEY',"another secret key")
AWS_SERVICE = 'es'
AWS_ELASTICSEARCH = os.environ.get('AWS_ELASTICSEARCH','search-elastic7-zoqohjbiedz2ozmthfi4a3ccm4.eu-west-2.es.amazonaws.com')
http_auth = AWS4Auth(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, AWS_SERVICE)
ELASTICSEARCH_DSL = {
'default': {
'hosts': [{'host': AWS_ELASTICSEARCH, 'port': 443}],
'http_auth' : http_auth,
'use_ssl' : True,
'verify_certs' : True,
'connection_class' : RequestsHttpConnection
},