Anthony helps you troubleshoot
"User: anonymous is not authorized"
errors with Elasticsearch

anthony_anonymous_not_authorized_elasticsearch

When I try to access my Amazon Elasticsearch Service (Amazon ES) domain or Kibana, I receive the message “User: anonymous is not authorized”.  

Requests return this error when they are both unsigned and come from a source IP address that is not allowed in the access policy. Requests also return this error when there is an error in the syntax of the access policy.  

If you are using a client that doesn't support request signing, such as a browser:

  • Use an IP-based access policy. IP-based policies allow unsigned requests to an Amazon ES domain.
  • Make sure that the IP addresses specified in the access policy use CIDR notation. Access policies use CIDR notation when checking IP address against the access policy.
  • Verify that the IP addresses specified in the access policy match the IP addresses you are using to access your Elasticsearch cluster. Your IP address may have changed since the access policy was first configured. You can get the public IP address of your local computer at http://checkip.amazonaws.com/.

If you are using a client that supports request signing:


Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2016-11-01

Updated: 2018-10-29