I get a "User: anonymous is not authorized" error when I try to access my Elasticsearch cluster

Last updated: 2020-02-05

When I try to access my Amazon Elasticsearch Service (Amazon ES) domain or Kibana, I receive the following error message: “User: anonymous is not authorized”.

Short Description

Requests return this error when they are unsigned and come from a source IP address that isn't allowed in the access policy. Requests also return this error when there is an error in the syntax of the access policy.


If you are using a client that doesn't support request signing, such as a browser:

  • Use an IP-based access policy. IP-based policies allow unsigned requests to an Amazon ES domain.
  • Make sure that the IP addresses specified in the access policy uses CIDR notation. Access policies use CIDR notation when checking IP address against the access policy.
  • Verify that the IP addresses specified in the access policy match the IP addresses that you're using to access your Elasticsearch cluster. Your IP address might have changed since the time that the access policy was first configured. You can get the public IP address of your local computer at https://checkip.amazonaws.com/.

If you are using a client that supports request signing, check the following:

Did this article help you?

Anything we could improve?

Need more help?