I am trying to create an AWS Lambda using C# to access the AWS Elasticsearch service. I have created a role that my Lambda function is configured to use, which has access to Elasticsearch. But the permission doesn't seem to be working.
Here is my setup:
- I have created an access policy with Read and Write access to the ES service.
- Created a role and assigned the above policy
- I have granted permissions to this role, to my ES cluster.
I have some simple code in a Lambda to see if I can connect to it.
    public async Task<string> FunctionHandler()
    {
        HttpClient client = new HttpClient();
        var response = await client.GetStringAsync("https://XXXXX.us-west-2.es.amazonaws.com/firstindex");
        return response;
    }
This gives me a 403 Forbidden error. I even tried setting a trust relationship with es.amazonaws.com for the role. That also did not work.
If I make the ES cluster public, I can see the response.
Will this method work with Lambda? Am I missing some permissions?
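Added example, not part of the original post: an access policy that names an IAM role only matches requests signed with that role's credentials (Signature Version 4), and a bare `HttpClient` call sends no signature. The code below signs the GET by hand with the temporary credentials Lambda places in its environment; the class name `SignedEsClient` and the method shape are assumptions, and it covers only a simple path with no query string.

```csharp
using System;
using System.Globalization;
using System.Linq;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;

public static class SignedEsClient // hypothetical helper, not an AWS SDK type
{
    static byte[] Hmac(byte[] key, string data)
    { using var h = new HMACSHA256(key); return h.ComputeHash(Encoding.UTF8.GetBytes(data)); }
    static string Hex(byte[] b) => string.Concat(b.Select(x => x.ToString("x2")));
    static string Sha256Hex(string s)
    { using var sha = SHA256.Create(); return Hex(sha.ComputeHash(Encoding.UTF8.GetBytes(s))); }

    // region is the domain's region, e.g. "us-west-2"; the SigV4 service name is "es".
    public static async Task<string> GetAsync(HttpClient client, Uri uri, string region)
    {
        // Inside Lambda these hold the execution role's temporary credentials.
        string ak = Environment.GetEnvironmentVariable("AWS_ACCESS_KEY_ID");
        string sk = Environment.GetEnvironmentVariable("AWS_SECRET_ACCESS_KEY");
        string token = Environment.GetEnvironmentVariable("AWS_SESSION_TOKEN");

        DateTime now = DateTime.UtcNow;
        string amzDate = now.ToString("yyyyMMdd'T'HHmmss'Z'", CultureInfo.InvariantCulture);
        string date = now.ToString("yyyyMMdd", CultureInfo.InvariantCulture);
        string scope = $"{date}/{region}/es/aws4_request";
        const string signedHeaders = "host;x-amz-date;x-amz-security-token";

        // Canonical request: method, path, empty query, sorted headers, blank line,
        // signed header names, SHA-256 of the (empty) body.
        string canonical = string.Join("\n", "GET", uri.AbsolutePath, "",
            $"host:{uri.Host}", $"x-amz-date:{amzDate}", $"x-amz-security-token:{token}", "",
            signedHeaders, Sha256Hex(""));
        string toSign = string.Join("\n", "AWS4-HMAC-SHA256", amzDate, scope, Sha256Hex(canonical));

        // Signing key chain: secret -> date -> region -> service -> "aws4_request".
        byte[] key = Hmac(Hmac(Hmac(Hmac(Encoding.UTF8.GetBytes("AWS4" + sk), date), region), "es"), "aws4_request");
        string signature = Hex(Hmac(key, toSign));

        var req = new HttpRequestMessage(HttpMethod.Get, uri);
        req.Headers.TryAddWithoutValidation("x-amz-date", amzDate);
        req.Headers.TryAddWithoutValidation("x-amz-security-token", token);
        req.Headers.TryAddWithoutValidation("Authorization",
            $"AWS4-HMAC-SHA256 Credential={ak}/{scope}, SignedHeaders={signedHeaders}, Signature={signature}");
        HttpResponseMessage resp = await client.SendAsync(req);
        return await resp.Content.ReadAsStringAsync();
    }
}
```

With this in place the domain can stay private, and its access policy only needs to list the Lambda execution role's ARN as the principal.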