Connect to elasticsearch in AWS using key credentials

Question

I'm trying to post a request using curl to my es cluster in AWS using my accessKey and secretKey. I have successfully done this through postman (details here) where you can specify AWS credentials but I would like to make this work with curl. Postman can auto-generate your curl request for you but all I get are errors.

This is the generated curl request along with the response

curl -X GET \

  https://search-00000000000001.eu-west-1.es.amazonaws.com/_cat/indices \

  -H 'Authorization: AWS4-HMAC-SHA256 Credential=11111111111111111111/20181119/eu-west-1/es/aws4_request, SignedHeaders=cache-control;content-type;host;postman-token;x-amz-date, Signature=11111111116401882398f46011f14fdb9d55e012a4fb912706d67c1111111111' \

  -H 'Content-Type: application/x-www-form-urlencoded' \

  -H 'Host: search-00000000000001.eu-west-1.es.amazonaws.com' \

  -H 'Postman-Token: 00000000-0000-4001-8006-9291e208a000' \

  -H 'X-Amz-Date: 20181119T220000Z' \

  -H 'cache-control: no-cache'

{"message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details."}%

IDs have been changed to protect the innocent.

I have checked all my keys and region, and like I said this works through postman. Is it possible to access this AWS service using my keys through curl?

Answer 1

This API Gateway documentation might help.

https://docs.aws.amazon.com/apigateway/api-reference/signing-requests/

This script provided Ribose is available in Github.

https://github.com/riboseinc/aws-authenticating-secgroup-scripts