无法从EC2实例连接到AWS Elasticsearch实例

时间:2018-08-29 18:44:35

标签: python amazon-web-services elasticsearch amazon-ec2

我在同一vpc中有一个EC2实例和一个Elasticsearch实例。我正在尝试通过request_aws4auth软件包和python elasticsearch连接器进行连接。

host = cfg.AWS_HOST # For example, my-test-domain.us-east-1.es.amazonaws.com
region = cfg.AWS_REGION # e.g. us-west-1

service = 'es'

awsauth = AWS4Auth(cfg.AWS_ACCESS_KEY, cfg.AWS_SECRET_KEY, region, service)

es = Elasticsearch(
hosts = [{'host': host, 'port': 443}],
http_auth = awsauth,
use_ssl = True,
verify_certs = True,
connection_class = RequestsHttpConnection
)

尝试连接时出现此 ERROR 错误

Traceback (most recent call last):
  File "writeData.py", line 27, in <module>
    print(es.info())
  File "/usr/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 76, in _wrapped
    return func(*args, params=params, **kwargs)
  File "/usr/lib/python2.7/site-packages/elasticsearch/client/__init__.py", line 241, in info
    return self.transport.perform_request('GET', '/', params=params)
  File "/usr/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
    status, headers_response, data = connection.perform_request(method, url, params, body, headers=headers, ignore=ignore, timeout=timeout)
  File "/usr/lib/python2.7/site-packages/elasticsearch/connection/http_requests.py", line 90, in perform_request
    self._raise_error(response.status_code, raw_data)
  File "/usr/lib/python2.7/site-packages/elasticsearch/connection/base.py", line 125, in _raise_error
    raise HTTP_EXCEPTIONS.get(status_code, TransportError)(status_code, error_message, additional_info)
elasticsearch.exceptions.AuthorizationException: AuthorizationException(403, u'{"message":"The security token included in the request is invalid."}')

2 个答案:

答案 0 :(得分:1)

您可能还需要将session_token信息作为参数传递。

喜欢这个。

auth = AWS4Auth(credentials.access_key, credentials.secret_key, 
              region, service, session_token=credentials.token)

如图here

答案 1 :(得分:0)

如果要在同一VPC内进行连接,则不想使用外部主机地址。而是根据您的ES设置使用弹性机的内部ip或内部负载平衡器。