diff --git a/README.md b/README.md
index eae32706..97f031f8 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,11 @@ nvm use; npm i
 nvm use; ENV=qa npm start
 ```
 
-Note that when developing locally, you may need to [add your IP to the access control policy of the relevant ES domain](https://github.com/NYPL/aws/blob/b5c0af0ec8357af9a645d8b47a5dbb0090966071/common/elasticsearch.md#2-make-the-domain-public-restrict-by-ip).
+Note that when developing locally, if connecting to a IP ACL protected index (a practice we're currently deprecating), you may need to [add your IP to the access control policy of the relevant ES domain](https://github.com/NYPL/aws/blob/b5c0af0ec8357af9a645d8b47a5dbb0090966071/common/elasticsearch.md#2-make-the-domain-public-restrict-by-ip). If your IP has not been authorized, you will see errors such as the following in the application logs:
+
+```
+error: Error connecting to index: 403: {"Message":"User: anonymous is not authorized to perform: es:ESHttpPost because no resource-based policy allows the es:ESHttpPost action"}
+```
 
 ### Using Docker
 
diff --git a/lib/errors.js b/lib/errors.js
index 81794d54..296f517e 100644
--- a/lib/errors.js
+++ b/lib/errors.js
@@ -17,4 +17,16 @@ class NotFoundError extends Error {
     this.message = message
   }
 }
-module.exports = { InvalidParameterError, NotFoundError }
+
+/**
+* Thrown when there's an error connecting to the ES index
+*/
+class IndexConnectionError extends Error {
+  constructor (message) {
+    super()
+    this.name = 'IndexConnectionError'
+    this.message = message
+  }
+}
+
+module.exports = { InvalidParameterError, NotFoundError, IndexConnectionError }
diff --git a/lib/es-client.js b/lib/es-client.js
index f3a9df1c..09c239cd 100644
--- a/lib/es-client.js
+++ b/lib/es-client.js
@@ -2,6 +2,7 @@ const elasticsearch = require('@elastic/elasticsearch')
 const url = require('node:url')
 const { deepValue } = require('./util')
 const logger = require('./logger')
+const { IndexConnectionError } = require('./errors')
 
 const clientWrapper = {}
 
@@ -34,6 +35,14 @@ clientWrapper.search = function (body) {
     index: process.env.RESOURCES_INDEX,
     body
   })
+    .catch((e) => {
+      if (e.statusCode === 403) {
+        logger.error(`Error connecting to index: ${e.statusCode}: ${JSON.stringify(e.body)}`)
+        throw new IndexConnectionError('Error connecting to index')
+      }
+
+      throw e
+    })
 }.bind(clientWrapper)
 
 /**