Authenticating to a remote domain or cluster from within Python has been quite challenging, but it now works following these steps.
- Create an Iam User with permissions for the OpenSearch service
- Copy the arn for this user: arn:aws:iam::840560325987:user/boto3user
- Under the OpenSearch domain that was created > Security Config > Edit > Set IAM ARN as master user (paste in ARN)
- Install the boto3 python package
- Modify the config and credentials files: .aws/config and credentials C:\Users\Vincent.aws\config and C:\Users\Vincent.aws\credentials
- Add in the access key and secret access key ids, also set the default region for boto3 - make sure this is the same region as your OpenSearch domain is located in
- Once we have a solid boto3 client set up, we can confirm it's able to authN to our AWS account (boto3_test.py)
- Run app.py to see how we are now able to create an index in our remote cluster with Python on the local machine.