error creating user: &{403 map[Access-Control-Allow-Origin:[*] Content-Length:[333] Content-Type:[application/json; charset=UTF-8]

phillbaker / terraform-provider-elasticsearch

An elasticsearch provider for terraform

https://registry.terraform.io/providers/phillbaker/elasticsearch

Mozilla Public License 2.0

304 stars 134 forks source link

error creating user: &{403 map[Access-Control-Allow-Origin:[*] Content-Length:[333] Content-Type:[application/json; charset=UTF-8] #304

Closed nirsv closed 2 years ago

nirsv commented 2 years ago

I am using AWS Opensearch with Saml enabled and whatever I try to do I get error 403.

I tried using aws_assume_role_arn, aws_profile, master username and password all the combination but I always get this error 403.

Maybe the provider is not supported for AWS Opensearch with enabled SAML ?

phillbaker commented 2 years ago

Hello - Kibana SAML credentials do not work with authenticating to the underlying ES API, see https://github.com/phillbaker/terraform-provider-elasticsearch/issues/217. Please see the docs for AWS authentication options: https://github.com/phillbaker/terraform-provider-elasticsearch/blob/master/docs/index.md#AWS-authentication

nirsv commented 2 years ago

@phillbaker So how can I authenticate? I tried all the options (master username and password/ Using my aws profile/ using aws_assume_role_arn ) none of them works.

phillbaker commented 2 years ago

@nirsv it depends on the domain access policy applied to the cluster, whether it's a VPC only cluster and other options applied to the cluster. If you can use curl to access the cluster, use the same credentials in this provider.