Can not upload a document for CloudSearch with sdk 2.6.4

[mkjang]

I'm trying to use latest version 2.6.4 for CloudSearch and can not upload document with following exception:

java.util.concurrent.CompletionException: software.amazon.awssdk.services.cloudsearchdomain.model.CloudSearchDomainException: Request forbidden by administrative rules (Service: CloudSearchDomain, Status Code: 403, Request ID: null)
    at software.amazon.awssdk.utils.CompletableFutureUtils.errorAsCompletionException(CompletableFutureUtils.java:61)
    at software.amazon.awssdk.core.internal.http.pipeline.stages.AsyncExecutionFailureExceptionReportingStage.lambda$execute$0(AsyncExecutionFailureExceptionReportingStage.java:51)

My account have CloudSearchFullAccess permission, and changing the domain's access policies as open to all does not affect. (Also, url endpoint contains /2013-01-01/documents/batch.) Other functions like searching documents or defining an expression is working fine.

With cli or sending http request directly, upload document is working. So it could be the library's issue.

[debora-ito]

Transferred to V2 repo.

[debora-ito]

@mkjang Can you provide a code sample so we can try to reproduce the issue?

[mkjang]

Here is my code. Only urlStr and path to json file are modified. Tried with json object and the result was the same.

        String urlStr = "https://doc-test-Xxx.ap-northeast-2.cloudsearch.amazonaws.com/2013-01-01/documents/batch"
        CloudSearchDomainAsyncClient client = CloudSearchDomainAsyncClient
                .builder()
                .endpointOverride(URI.create(urlStr))
                .build();

        UploadDocumentsRequest request = UploadDocumentsRequest
                .builder()
                .contentType(ContentType.APPLICATION_JSON)
                .build();

        CompletableFuture<UploadDocumentsResponse> response = client.uploadDocuments(
                request,
                Paths.get("/somePath/data.json"));

        response.whenComplete((result, err) -> {
            try {
                if (result != null) {
                    System.out.println(result.toString());
                } else {
                    err.printStackTrace();
                }
            } catch(Exception e) {
                System.out.println(e.toString());
            } finally {
                client.close();
            }
        });

[debora-ito]

I just noticed there's a lambda in the log, are you executing the code via lambda? Have you configured the lambda function's execution role to access the cloudsearch resources?

[mkjang]

@debora-ito Thank you for your help. I don't use lambda as far as I know. I'm executing the code from local machine, just writing java code with sdk and I think that's connecting cloudsearch directly, not using lambda. And I can do search with the same client (CloudSearchDomainAsyncClient) by executing from local machine.

[mkjang]

@debora-ito I realized that the lambda from log is about Java lambda expression, not aws lambda service. CompletableFuture uses lambda expression. I tried to execute with synchronous client and the result is the same. Here is log.

software.amazon.awssdk.services.cloudsearchdomain.model.CloudSearchDomainException: Request forbidden by administrative rules (Service: CloudSearchDomain, Status Code: 403, Request ID: null)
    at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.handleErrorResponse (HandleResponseStage.java:115)
    at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.handleResponse (HandleResponseStage.java:73)
    at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute (HandleResponseStage.java:58)
  ...

[mkjang]

I removed '/2013-01-01/documents/batch' from url endpoint and it's working now.