
Signing ElasticSearch AWS calls


It is hard to answer anything specific without a complete understanding of what is happening with the particular request, but here are some suggestions on where to start the search for a solution.

  1. There might be a problem with the middleware. I found another one, which seems to be cleaner and better tested. I would suggest trying it out - amazon-es-php
  2. There might be an issue with your policies / VPC configuration, so make sure to check this page for possible problematic places
  3. Another option is to enable logging for your Elasticsearch PHP client to shed some light on what is going on with the requests. This can be done by adding the Monolog library to your application and creating a logger handler. Here is a guide from the official Elasticsearch documentation.


This helped me when I had a similar issue:

To troubleshoot this issue, check the following:

Verify that you are using a client that supports credential signing, and that your requests are being signed correctly. AWS uses the Signature Version 4 Signing Process to add authentication information to AWS requests; requests from clients that aren’t compatible with Signature Version 4 are rejected with an ‘anonymous is not authorized’ error. For examples of well-formed requests to Elasticsearch, see Signing an Amazon Elasticsearch Service Search Request.

Verify that the users and resources specified in the access policy have the correct Amazon Resource Name (ARN) specified. For general information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces.

Ensure that IP addresses specified in the access policy use CIDR notation. Access policies use CIDR notation when checking your IP address against the IP addresses specified by the policy.

Verify that the IP addresses specified in your access policy match the IP addresses you are using to access your Elasticsearch cluster. Your IP may have changed since the access policy was originally configured. You can determine the public-facing IP address of any instance at http://checkip.amazonaws.com/.

Review Troubleshoot IAM Policies for additional troubleshooting information.

For more details check this out...
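The signing step named in the checklist above, as an added example that is not part of the original answers or of any AWS SDK: a standard-library Signature Version 4 signer for an Amazon ES request, showing exactly which parts of the request the signature covers. The endpoint and index name are constructed, and the credentials are AWS's documented placeholder keys.

```python
import datetime
import hashlib
import hmac
from urllib.parse import parse_qsl, quote, urlsplit


def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()


def sign_es_request(method, url, body, access_key, secret_key, region, now=None):
    """Return the headers a SigV4-signed request to an Amazon ES domain carries."""
    now = now or datetime.datetime.now(datetime.timezone.utc)
    amz_date = now.strftime("%Y%m%dT%H%M%SZ")
    date = amz_date[:8]
    parts = urlsplit(url)

    # 1. Canonical request: method, path, sorted query, headers, body hash.
    query = "&".join(f"{k}={v}" for k, v in sorted(
        (quote(k, safe=""), quote(v, safe=""))
        for k, v in parse_qsl(parts.query, keep_blank_values=True)))
    headers = {"host": parts.netloc.lower(), "x-amz-date": amz_date}
    signed = ";".join(sorted(headers))
    canonical = "\n".join([
        method.upper(), quote(parts.path or "/", safe="/"), query,
        "".join(f"{k}:{headers[k]}\n" for k in sorted(headers)),
        signed, hashlib.sha256(body).hexdigest()])

    # 2. String to sign, scoped to date/region/service ("es" for Amazon ES).
    scope = f"{date}/{region}/es/aws4_request"
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                         hashlib.sha256(canonical.encode()).hexdigest()])

    # 3. Derive the signing key from the secret and the scope, then sign.
    key = ("AWS4" + secret_key).encode()
    for part in (date, region, "es", "aws4_request"):
        key = _hmac(key, part)
    signature = hmac.new(key, to_sign.encode(), hashlib.sha256).hexdigest()

    headers["authorization"] = (
        f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
        f"SignedHeaders={signed}, Signature={signature}")
    return headers


if __name__ == "__main__":
    # Constructed endpoint; placeholder credentials from the AWS documentation.
    url = "https://search-example-domain.us-east-1.es.amazonaws.com/my-index/_search?q=test"
    for name, value in sign_es_request(
            "GET", url, b"", "AKIAIOSFODNN7EXAMPLE",
            "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY", "us-east-1").items():
        print(f"{name}: {value}")
```

The signature covers the method, host, path, query, body hash, timestamp, region and service name, so a request that is altered after signing, or signed for a different region or service, no longer validates.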