I have a problem registering repository to aws elastic search. Here is the link I use to do that:
And as is mentioned in the link I copied the following code and ran it:
from boto.connection import AWSAuthConnection
class ESConnection(AWSAuthConnection):
def __init__(self, region, **kwargs):
super(ESConnection, self).__init__(**kwargs)
self._set_auth_region_name(region)
self._set_auth_service_name("es")
def _required_auth_capability(self):
return ['hmac-v4']
if __name__ == "__main__":
client = ESConnection(
region='us-east-1',
host='search-weblogs-etrt4mbbu254nsfupy6oiytuz4.us-east-1.es.example.com',
aws_access_key_id='my-access-key-id',
aws_secret_access_key='my-access-key', is_secure=False)
print 'Registering Snapshot Repository'
resp = client.make_request(method='POST',
path='/_snapshot/weblogs-index-backups',
data='{"type": "s3","settings": { "bucket": "es-index-backups","region": "us-east-1","role_arn": "arn:aws:iam::123456789012:role/TheServiceRole"}}')
body = resp.read()
print body
I also adapt the security and account id and ... to mine. When I run it I get the following error:
b'{"Message":"Cross-account pass role is not allowed."}'
Whatever I am using is in the same account also I added the following inline policy to my user in
{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Action": "iam:PassRole",
"Resource": "arn:aws:iam::xxxxxxxxxx:role/myrole"
}
}
Can anyone help what is my issue?
