Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Fail to upload documents to aws cloudsearch using boto.cloudsearch2

Tags:

boto

amazon-cloudsearch

This is my code to try uploading documents to cloud search

from boto.cloudsearch2.layer2 import Layer2
conn_config = {
    'region': 'us-east-1',
    'aws_access_key_id': os.getenv('AWS_ACCESS'),
    'aws_secret_access_key': os.getenv('AWS_SECRET'),
    'debug': 2
}
conn = Layer2(**conn_config)
domain = conn.lookup(my_domain)
doc_service = domain.get_document_service()
doc_service.add(my_id, my_fields)
doc_service.commit()

This is the error I got: 

Traceback (most recent call last):
line 32, in <module> doc.commit()
File "/Library/Python/2.7/site-packages/boto/cloudsearch2/document.py", line 205, in commit return CommitResponse(r, self, sdf)
File "/Library/Python/2.7/site-packages/boto/cloudsearch2/document.py", line 250, in      __init__
self.adds = self.content['adds']
KeyError: 'adds'

which is I believe is a misleading error. When I add this line to init() of /Library/Python/2.7/site-packages/boto/cloudsearch2/document.py

print self.content

the real problem seems to appears as: 

{u'status': u'error', u'message': u'User: anonymous is not authorized to perform:    cloudsearch:document on resource: arn:aws:cloudsearch:us-east-1:053216739513:domain/dev-audit', u'errors': [{u'message': u'[*Deprecated*: Use the outer message field] User: anonymous is not authorized to perform: cloudsearch:document on resource: arn:aws:cloudsearch: ...'}], u'__type': u'#AccessDenied'}

Any insights on how to overcome this annoying permission error? I am able to search with given access id and secret key but just fail to upload !!!

like image 978
Cocoa Avatar asked Oct 21 '14 20:10

Cocoa

1 Answers

CloudSearch allows you to configure separate access policies for querying vs doc submission. It sounds like maybe your doc submission policy is more restrictive than your query policy (which is a common setup).

You can leave doc submission wide open to test things and come up with an access policy later using the guide at http://docs.aws.amazon.com/cloudsearch/latest/developerguide/configuring-access.html.

Sample wide-open configuration:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "cloudsearch:*"
    }
  ]
}

Here's where to go in the AWS web console:

CloudSearch access policies

like image 123
alexroussos Avatar answered Oct 06 '22 11:10

alexroussos
Sign in to Comment

Related questions

How to generate file link without expiry?
Is it possible to synchronously invoke an AWS Lambda function from Python Boto?
Django Storages AWS_QUERYSTRING_AUTH Not Working
How can I set the S3 object lifecycle using boto?
Boto AWS Glacier - Retrieve archive

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!