@pulumi/aws 5.2.0-alpha.1650047579 → 5.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/apigateway/stage.d.ts +18 -6
- package/apigateway/stage.js +2 -0
- package/apigateway/stage.js.map +1 -1
- package/athena/database.d.ts +42 -0
- package/athena/database.js +26 -0
- package/athena/database.js.map +1 -1
- package/autoscaling/attachment.d.ts +1 -1
- package/autoscaling/attachment.js +1 -1
- package/autoscaling/group.d.ts +19 -10
- package/autoscaling/group.js +4 -1
- package/autoscaling/group.js.map +1 -1
- package/backup/plan.d.ts +3 -0
- package/backup/plan.js +3 -0
- package/backup/plan.js.map +1 -1
- package/cfg/rule.d.ts +39 -12
- package/cfg/rule.js +27 -0
- package/cfg/rule.js.map +1 -1
- package/cloudformation/stackSet.d.ts +12 -0
- package/cloudformation/stackSet.js +2 -0
- package/cloudformation/stackSet.js.map +1 -1
- package/cloudformation/stackSetInstance.d.ts +19 -1
- package/cloudformation/stackSetInstance.js +9 -1
- package/cloudformation/stackSetInstance.js.map +1 -1
- package/cloudtrail/trail.d.ts +31 -30
- package/cloudtrail/trail.js +31 -30
- package/cloudtrail/trail.js.map +1 -1
- package/cloudwatch/getEventBus.d.ts +51 -0
- package/cloudwatch/getEventBus.js +38 -0
- package/cloudwatch/getEventBus.js.map +1 -0
- package/cloudwatch/index.d.ts +1 -0
- package/cloudwatch/index.js +1 -0
- package/cloudwatch/index.js.map +1 -1
- package/cognito/index.d.ts +1 -0
- package/cognito/index.js +5 -0
- package/cognito/index.js.map +1 -1
- package/cognito/userInGroup.d.ts +100 -0
- package/cognito/userInGroup.js +90 -0
- package/cognito/userInGroup.js.map +1 -0
- package/cognito/userPoolClient.d.ts +22 -0
- package/cognito/userPoolClient.js +22 -0
- package/cognito/userPoolClient.js.map +1 -1
- package/datasync/fsxOpenZfsFileSystem.d.ts +175 -0
- package/datasync/fsxOpenZfsFileSystem.js +104 -0
- package/datasync/fsxOpenZfsFileSystem.js.map +1 -0
- package/datasync/index.d.ts +1 -0
- package/datasync/index.js +5 -0
- package/datasync/index.js.map +1 -1
- package/dynamodb/contributorInsights.d.ts +82 -0
- package/dynamodb/contributorInsights.js +76 -0
- package/dynamodb/contributorInsights.js.map +1 -0
- package/dynamodb/index.d.ts +1 -0
- package/dynamodb/index.js +5 -0
- package/dynamodb/index.js.map +1 -1
- package/dynamodb/tableItem.d.ts +6 -9
- package/dynamodb/tableItem.js.map +1 -1
- package/ec2/amiLaunchPermission.d.ts +70 -10
- package/ec2/amiLaunchPermission.js +32 -5
- package/ec2/amiLaunchPermission.js.map +1 -1
- package/ec2/defaultNetworkAcl.d.ts +1 -1
- package/ec2/defaultNetworkAcl.js +1 -1
- package/ec2/getEips.d.ts +1 -1
- package/ec2/getNatGateways.d.ts +65 -0
- package/ec2/getNatGateways.js +28 -0
- package/ec2/getNatGateways.js.map +1 -0
- package/ec2/getRoute.d.ts +9 -0
- package/ec2/getRoute.js +1 -0
- package/ec2/getRoute.js.map +1 -1
- package/ec2/index.d.ts +1 -0
- package/ec2/index.js +1 -0
- package/ec2/index.js.map +1 -1
- package/ec2/instance.d.ts +18 -6
- package/ec2/instance.js +2 -0
- package/ec2/instance.js.map +1 -1
- package/ec2/keyPair.d.ts +3 -12
- package/ec2/keyPair.js.map +1 -1
- package/ec2/route.d.ts +12 -0
- package/ec2/route.js +2 -0
- package/ec2/route.js.map +1 -1
- package/ec2/spotInstanceRequest.d.ts +18 -6
- package/ec2/spotInstanceRequest.js +2 -0
- package/ec2/spotInstanceRequest.js.map +1 -1
- package/ec2/vpc.d.ts +3 -3
- package/ec2/vpcEndpointService.d.ts +4 -4
- package/ec2/vpcIpam.d.ts +12 -0
- package/ec2/vpcIpam.js +2 -0
- package/ec2/vpcIpam.js.map +1 -1
- package/ec2/vpnConnection.d.ts +16 -0
- package/ec2/vpnConnection.js +4 -0
- package/ec2/vpnConnection.js.map +1 -1
- package/eks/addon.d.ts +18 -6
- package/eks/addon.js +2 -0
- package/eks/addon.js.map +1 -1
- package/eks/getAddonVersion.d.ts +82 -0
- package/eks/getAddonVersion.js +51 -0
- package/eks/getAddonVersion.js.map +1 -0
- package/eks/index.d.ts +1 -0
- package/eks/index.js +1 -0
- package/eks/index.js.map +1 -1
- package/elasticache/cluster.d.ts +64 -3
- package/elasticache/cluster.js +32 -0
- package/elasticache/cluster.js.map +1 -1
- package/elasticache/getCluster.d.ts +4 -0
- package/elasticache/getCluster.js.map +1 -1
- package/elasticache/getReplicationGroup.d.ts +5 -0
- package/elasticache/getReplicationGroup.js.map +1 -1
- package/elasticache/index.d.ts +1 -0
- package/elasticache/index.js +5 -0
- package/elasticache/index.js.map +1 -1
- package/elasticache/replicationGroup.d.ts +54 -6
- package/elasticache/replicationGroup.js +32 -0
- package/elasticache/replicationGroup.js.map +1 -1
- package/elasticache/userGroupAssociation.d.ts +100 -0
- package/elasticache/userGroupAssociation.js +97 -0
- package/elasticache/userGroupAssociation.js.map +1 -0
- package/emr/cluster.d.ts +6 -6
- package/gamelift/alias.d.ts +2 -2
- package/gamelift/alias.js +2 -2
- package/gamelift/build.d.ts +6 -6
- package/gamelift/build.js +2 -2
- package/gamelift/fleet.d.ts +10 -14
- package/gamelift/fleet.js +2 -2
- package/gamelift/fleet.js.map +1 -1
- package/gamelift/gameServerGroup.d.ts +5 -5
- package/gamelift/gameServerGroup.js +3 -3
- package/gamelift/gameSessionQueue.d.ts +2 -2
- package/gamelift/gameSessionQueue.js +2 -2
- package/gamelift/script.d.ts +4 -4
- package/gamelift/script.js +2 -2
- package/getCanonicalUserId.d.ts +2 -0
- package/getCanonicalUserId.js +2 -0
- package/getCanonicalUserId.js.map +1 -1
- package/glue/schema.d.ts +3 -3
- package/grafana/index.d.ts +1 -0
- package/grafana/index.js +5 -0
- package/grafana/index.js.map +1 -1
- package/grafana/roleAssociation.d.ts +121 -0
- package/grafana/roleAssociation.js +98 -0
- package/grafana/roleAssociation.js.map +1 -0
- package/guardduty/ipset.d.ts +0 -1
- package/guardduty/ipset.js +0 -1
- package/guardduty/ipset.js.map +1 -1
- package/iam/getSamlProvider.d.ts +81 -0
- package/iam/getSamlProvider.js +39 -0
- package/iam/getSamlProvider.js.map +1 -0
- package/iam/group.d.ts +0 -2
- package/iam/group.js +0 -2
- package/iam/group.js.map +1 -1
- package/iam/index.d.ts +1 -0
- package/iam/index.js +1 -0
- package/iam/index.js.map +1 -1
- package/imagebuilder/getImagePipelines.d.ts +57 -0
- package/imagebuilder/getImagePipelines.js +40 -0
- package/imagebuilder/getImagePipelines.js.map +1 -0
- package/imagebuilder/index.d.ts +1 -0
- package/imagebuilder/index.js +1 -0
- package/imagebuilder/index.js.map +1 -1
- package/index.d.ts +3 -1
- package/index.js +7 -3
- package/index.js.map +1 -1
- package/iot/authorizer.d.ts +12 -0
- package/iot/authorizer.js +2 -0
- package/iot/authorizer.js.map +1 -1
- package/iot/index.d.ts +3 -0
- package/iot/index.js +15 -0
- package/iot/index.js.map +1 -1
- package/iot/indexingConfiguration.d.ts +98 -0
- package/iot/indexingConfiguration.js +88 -0
- package/iot/indexingConfiguration.js.map +1 -0
- package/iot/loggingOptions.d.ts +87 -0
- package/iot/loggingOptions.js +74 -0
- package/iot/loggingOptions.js.map +1 -0
- package/iot/provisioningTemplate.d.ts +232 -0
- package/iot/provisioningTemplate.js +144 -0
- package/iot/provisioningTemplate.js.map +1 -0
- package/keyspaces/index.d.ts +1 -0
- package/keyspaces/index.js +37 -0
- package/keyspaces/index.js.map +1 -0
- package/keyspaces/keyspace.d.ts +114 -0
- package/keyspaces/keyspace.js +77 -0
- package/keyspaces/keyspace.js.map +1 -0
- package/lambda/function.d.ts +44 -0
- package/lambda/function.js +34 -0
- package/lambda/function.js.map +1 -1
- package/lambda/functionUrl.d.ts +153 -0
- package/lambda/functionUrl.js +111 -0
- package/lambda/functionUrl.js.map +1 -0
- package/lambda/getFunction.d.ts +4 -0
- package/lambda/getFunction.js.map +1 -1
- package/lambda/getFunctionUrl.d.ts +85 -0
- package/lambda/getFunctionUrl.js +39 -0
- package/lambda/getFunctionUrl.js.map +1 -0
- package/lambda/index.d.ts +2 -0
- package/lambda/index.js +6 -0
- package/lambda/index.js.map +1 -1
- package/lambda/permission.d.ts +18 -6
- package/lambda/permission.js +2 -0
- package/lambda/permission.js.map +1 -1
- package/memorydb/getAcl.d.ts +75 -0
- package/memorydb/getAcl.js +37 -0
- package/memorydb/getAcl.js.map +1 -0
- package/memorydb/getCluster.d.ts +152 -0
- package/memorydb/getCluster.js +37 -0
- package/memorydb/getCluster.js.map +1 -0
- package/memorydb/getParameterGroup.d.ts +83 -0
- package/memorydb/getParameterGroup.js +37 -0
- package/memorydb/getParameterGroup.js.map +1 -0
- package/memorydb/getSnapshot.d.ts +87 -0
- package/memorydb/getSnapshot.js +37 -0
- package/memorydb/getSnapshot.js.map +1 -0
- package/memorydb/getSubnetGroup.d.ts +79 -0
- package/memorydb/getSubnetGroup.js +37 -0
- package/memorydb/getSubnetGroup.js.map +1 -0
- package/memorydb/getUser.d.ts +80 -0
- package/memorydb/getUser.js +37 -0
- package/memorydb/getUser.js.map +1 -0
- package/memorydb/index.d.ts +6 -0
- package/memorydb/index.js +6 -0
- package/memorydb/index.js.map +1 -1
- package/msk/getCluster.d.ts +4 -0
- package/msk/getCluster.js.map +1 -1
- package/mskconnect/connector.d.ts +270 -0
- package/mskconnect/connector.js +166 -0
- package/mskconnect/connector.js.map +1 -0
- package/mskconnect/getConnector.d.ts +57 -0
- package/mskconnect/getConnector.js +36 -0
- package/mskconnect/getConnector.js.map +1 -0
- package/mskconnect/index.d.ts +2 -0
- package/mskconnect/index.js +6 -0
- package/mskconnect/index.js.map +1 -1
- package/mwaa/environment.d.ts +12 -0
- package/mwaa/environment.js +2 -0
- package/mwaa/environment.js.map +1 -1
- package/neptune/clusterEndpoint.d.ts +9 -0
- package/neptune/clusterEndpoint.js.map +1 -1
- package/opensearch/domain.d.ts +445 -0
- package/opensearch/domain.js +273 -0
- package/opensearch/domain.js.map +1 -0
- package/opensearch/domainPolicy.d.ts +93 -0
- package/opensearch/domainPolicy.js +90 -0
- package/opensearch/domainPolicy.js.map +1 -0
- package/opensearch/domainSamlOptions.d.ts +105 -0
- package/opensearch/domainSamlOptions.js +98 -0
- package/opensearch/domainSamlOptions.js.map +1 -0
- package/opensearch/getDomain.d.ts +144 -0
- package/opensearch/getDomain.js +37 -0
- package/opensearch/getDomain.js.map +1 -0
- package/opensearch/index.d.ts +4 -0
- package/opensearch/index.js +48 -0
- package/opensearch/index.js.map +1 -0
- package/organizations/account.d.ts +17 -5
- package/organizations/account.js +4 -2
- package/organizations/account.js.map +1 -1
- package/package.json +2 -2
- package/package.json.dev +2 -2
- package/qldb/getLedger.d.ts +10 -0
- package/qldb/getLedger.js +1 -0
- package/qldb/getLedger.js.map +1 -1
- package/qldb/index.d.ts +1 -0
- package/qldb/index.js +5 -0
- package/qldb/index.js.map +1 -1
- package/qldb/ledger.d.ts +12 -0
- package/qldb/ledger.js +2 -0
- package/qldb/ledger.js.map +1 -1
- package/qldb/stream.d.ts +159 -0
- package/qldb/stream.js +104 -0
- package/qldb/stream.js.map +1 -0
- package/rds/cluster.d.ts +3 -3
- package/rds/clusterActivityStream.d.ts +138 -0
- package/rds/clusterActivityStream.js +112 -0
- package/rds/clusterActivityStream.js.map +1 -0
- package/rds/index.d.ts +2 -0
- package/rds/index.js +10 -0
- package/rds/index.js.map +1 -1
- package/rds/instance.d.ts +3 -3
- package/rds/instanceAutomatedBackupsReplication.d.ts +153 -0
- package/rds/instanceAutomatedBackupsReplication.js +127 -0
- package/rds/instanceAutomatedBackupsReplication.js.map +1 -0
- package/route53/getTrafficPolicyDocument.d.ts +125 -0
- package/route53/getTrafficPolicyDocument.js +72 -0
- package/route53/getTrafficPolicyDocument.js.map +1 -0
- package/route53/index.d.ts +3 -0
- package/route53/index.js +11 -0
- package/route53/index.js.map +1 -1
- package/route53/trafficPolicy.d.ts +122 -0
- package/route53/trafficPolicy.js +94 -0
- package/route53/trafficPolicy.js.map +1 -0
- package/route53/trafficPolicyInstance.d.ts +121 -0
- package/route53/trafficPolicyInstance.js +94 -0
- package/route53/trafficPolicyInstance.js.map +1 -0
- package/s3/bucketObject.d.ts +2 -12
- package/s3/bucketObject.js +2 -0
- package/s3/bucketObject.js.map +1 -1
- package/s3/bucketObjectLockConfigurationV2.d.ts +35 -2
- package/s3/bucketObjectLockConfigurationV2.js +35 -2
- package/s3/bucketObjectLockConfigurationV2.js.map +1 -1
- package/s3/bucketV2.d.ts +518 -32
- package/s3/bucketV2.js +378 -12
- package/s3/bucketV2.js.map +1 -1
- package/s3/getCanonicalUserId.d.ts +2 -0
- package/s3/getCanonicalUserId.js +2 -0
- package/s3/getCanonicalUserId.js.map +1 -1
- package/ses/identityNotificationTopic.d.ts +10 -10
- package/ses/identityNotificationTopic.js +1 -1
- package/ssm/getDocument.d.ts +3 -3
- package/ssm/getMaintenanceWindows.d.ts +53 -0
- package/ssm/getMaintenanceWindows.js +40 -0
- package/ssm/getMaintenanceWindows.js.map +1 -0
- package/ssm/index.d.ts +1 -0
- package/ssm/index.js +1 -0
- package/ssm/index.js.map +1 -1
- package/ssm/maintenanceWindowTask.d.ts +30 -2
- package/ssm/maintenanceWindowTask.js +6 -6
- package/ssm/maintenanceWindowTask.js.map +1 -1
- package/storagegateway/gateway.d.ts +12 -0
- package/storagegateway/gateway.js +2 -0
- package/storagegateway/gateway.js.map +1 -1
- package/storagegateway/nfsFileShare.d.ts +24 -0
- package/storagegateway/nfsFileShare.js +4 -0
- package/storagegateway/nfsFileShare.js.map +1 -1
- package/types/input.d.ts +1658 -413
- package/types/output.d.ts +1672 -285
- package/xray/group.d.ts +17 -0
- package/xray/group.js +6 -0
- package/xray/group.js.map +1 -1
|
@@ -0,0 +1,273 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
|
+
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.Domain = void 0;
|
|
6
|
+
const pulumi = require("@pulumi/pulumi");
|
|
7
|
+
const utilities = require("../utilities");
|
|
8
|
+
/**
|
|
9
|
+
* Manages an Amazon OpenSearch Domain.
|
|
10
|
+
*
|
|
11
|
+
* ## Elasticsearch vs. OpenSearch
|
|
12
|
+
*
|
|
13
|
+
* Amazon OpenSearch Service is the successor to Amazon Elasticsearch Service and supports OpenSearch and legacy Elasticsearch OSS (up to 7.10, the final open source version of the software).
|
|
14
|
+
*
|
|
15
|
+
* OpenSearch Domain configurations are similar in many ways to Elasticsearch Domain configurations. However, there are important differences including these:
|
|
16
|
+
*
|
|
17
|
+
* * OpenSearch has `engineVersion` while Elasticsearch has `elastisearchVersion`
|
|
18
|
+
* * Versions are specified differently - _e.g._, `Elastisearch_7.10` with OpenSearch vs. `7.10` for Elasticsearch.
|
|
19
|
+
* * `instanceType` argument values end in `search` for OpenSearch vs. `elasticsearch` for Elasticsearch (_e.g._, `t2.micro.search` vs. `t2.micro.elasticsearch`).
|
|
20
|
+
* * The AWS-managed service-linked role for OpenSearch is called `AWSServiceRoleForAmazonOpenSearchService` instead of `AWSServiceRoleForAmazonElasticsearchService` for Elasticsearch.
|
|
21
|
+
*
|
|
22
|
+
* There are also some potentially unexpected similarities in configurations:
|
|
23
|
+
*
|
|
24
|
+
* * ARNs for both are prefaced with `arn:aws:es:`.
|
|
25
|
+
* * Both OpenSearch and Elasticsearch use assume role policies that refer to the `Principal` `Service` as `es.amazonaws.com`.
|
|
26
|
+
* * IAM policy actions, such as those you will find in `accessPolicies`, are prefaced with `es:` for both.
|
|
27
|
+
*
|
|
28
|
+
* ## Example Usage
|
|
29
|
+
* ### Basic Usage
|
|
30
|
+
*
|
|
31
|
+
* ```typescript
|
|
32
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
33
|
+
* import * as aws from "@pulumi/aws";
|
|
34
|
+
*
|
|
35
|
+
* const example = new aws.opensearch.Domain("example", {
|
|
36
|
+
* clusterConfig: {
|
|
37
|
+
* instanceType: "r4.large.search",
|
|
38
|
+
* },
|
|
39
|
+
* domainName: "example",
|
|
40
|
+
* engineVersion: "Elasticsearch_7.10",
|
|
41
|
+
* tags: {
|
|
42
|
+
* Domain: "TestDomain",
|
|
43
|
+
* },
|
|
44
|
+
* });
|
|
45
|
+
* ```
|
|
46
|
+
* ### Access Policy
|
|
47
|
+
*
|
|
48
|
+
* > See also: [`aws.opensearch.DomainPolicy` resource](https://www.terraform.io/docs/providers/aws/r/opensearch_domain_policy.html)
|
|
49
|
+
*
|
|
50
|
+
* ```typescript
|
|
51
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
52
|
+
* import * as aws from "@pulumi/aws";
|
|
53
|
+
*
|
|
54
|
+
* const config = new pulumi.Config();
|
|
55
|
+
* const domain = config.get("domain") || "tf-test";
|
|
56
|
+
* const currentRegion = aws.getRegion({});
|
|
57
|
+
* const currentCallerIdentity = aws.getCallerIdentity({});
|
|
58
|
+
* const example = new aws.opensearch.Domain("example", {
|
|
59
|
+
* domainName: domain,
|
|
60
|
+
* accessPolicies: Promise.all([currentRegion, currentCallerIdentity]).then(([currentRegion, currentCallerIdentity]) => `{
|
|
61
|
+
* "Version": "2012-10-17",
|
|
62
|
+
* "Statement": [
|
|
63
|
+
* {
|
|
64
|
+
* "Action": "es:*",
|
|
65
|
+
* "Principal": "*",
|
|
66
|
+
* "Effect": "Allow",
|
|
67
|
+
* "Resource": "arn:aws:es:${currentRegion.name}:${currentCallerIdentity.accountId}:domain/${domain}/*",
|
|
68
|
+
* "Condition": {
|
|
69
|
+
* "IpAddress": {"aws:SourceIp": ["66.193.100.22/32"]}
|
|
70
|
+
* }
|
|
71
|
+
* }
|
|
72
|
+
* ]
|
|
73
|
+
* }
|
|
74
|
+
* `),
|
|
75
|
+
* });
|
|
76
|
+
* ```
|
|
77
|
+
* ### Log Publishing to CloudWatch Logs
|
|
78
|
+
*
|
|
79
|
+
* ```typescript
|
|
80
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
81
|
+
* import * as aws from "@pulumi/aws";
|
|
82
|
+
*
|
|
83
|
+
* const exampleLogGroup = new aws.cloudwatch.LogGroup("exampleLogGroup", {});
|
|
84
|
+
* const exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy("exampleLogResourcePolicy", {
|
|
85
|
+
* policyName: "example",
|
|
86
|
+
* policyDocument: `{
|
|
87
|
+
* "Version": "2012-10-17",
|
|
88
|
+
* "Statement": [
|
|
89
|
+
* {
|
|
90
|
+
* "Effect": "Allow",
|
|
91
|
+
* "Principal": {
|
|
92
|
+
* "Service": "es.amazonaws.com"
|
|
93
|
+
* },
|
|
94
|
+
* "Action": [
|
|
95
|
+
* "logs:PutLogEvents",
|
|
96
|
+
* "logs:PutLogEventsBatch",
|
|
97
|
+
* "logs:CreateLogStream"
|
|
98
|
+
* ],
|
|
99
|
+
* "Resource": "arn:aws:logs:*"
|
|
100
|
+
* }
|
|
101
|
+
* ]
|
|
102
|
+
* }
|
|
103
|
+
* `,
|
|
104
|
+
* });
|
|
105
|
+
* // .. other configuration ...
|
|
106
|
+
* const exampleDomain = new aws.opensearch.Domain("exampleDomain", {logPublishingOptions: [{
|
|
107
|
+
* cloudwatchLogGroupArn: exampleLogGroup.arn,
|
|
108
|
+
* logType: "INDEX_SLOW_LOGS",
|
|
109
|
+
* }]});
|
|
110
|
+
* ```
|
|
111
|
+
* ### VPC based OpenSearch
|
|
112
|
+
*
|
|
113
|
+
* ```typescript
|
|
114
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
115
|
+
* import * as aws from "@pulumi/aws";
|
|
116
|
+
*
|
|
117
|
+
* const config = new pulumi.Config();
|
|
118
|
+
* const vpc = config.requireObject("vpc");
|
|
119
|
+
* const domain = config.get("domain") || "tf-test";
|
|
120
|
+
* const exampleVpc = aws.ec2.getVpc({
|
|
121
|
+
* tags: {
|
|
122
|
+
* Name: vpc,
|
|
123
|
+
* },
|
|
124
|
+
* });
|
|
125
|
+
* const exampleSubnetIds = exampleVpc.then(exampleVpc => aws.ec2.getSubnetIds({
|
|
126
|
+
* vpcId: exampleVpc.id,
|
|
127
|
+
* tags: {
|
|
128
|
+
* Tier: "private",
|
|
129
|
+
* },
|
|
130
|
+
* }));
|
|
131
|
+
* const currentRegion = aws.getRegion({});
|
|
132
|
+
* const currentCallerIdentity = aws.getCallerIdentity({});
|
|
133
|
+
* const exampleSecurityGroup = new aws.ec2.SecurityGroup("exampleSecurityGroup", {
|
|
134
|
+
* description: "Managed by Terraform",
|
|
135
|
+
* vpcId: exampleVpc.then(exampleVpc => exampleVpc.id),
|
|
136
|
+
* ingress: [{
|
|
137
|
+
* fromPort: 443,
|
|
138
|
+
* toPort: 443,
|
|
139
|
+
* protocol: "tcp",
|
|
140
|
+
* cidrBlocks: [exampleVpc.then(exampleVpc => exampleVpc.cidrBlock)],
|
|
141
|
+
* }],
|
|
142
|
+
* });
|
|
143
|
+
* const exampleServiceLinkedRole = new aws.iam.ServiceLinkedRole("exampleServiceLinkedRole", {awsServiceName: "opensearchservice.amazonaws.com"});
|
|
144
|
+
* const exampleDomain = new aws.opensearch.Domain("exampleDomain", {
|
|
145
|
+
* domainName: domain,
|
|
146
|
+
* engineVersion: "OpenSearch_1.0",
|
|
147
|
+
* clusterConfig: {
|
|
148
|
+
* instanceType: "m4.large.search",
|
|
149
|
+
* zoneAwarenessEnabled: true,
|
|
150
|
+
* },
|
|
151
|
+
* vpcOptions: {
|
|
152
|
+
* subnetIds: [
|
|
153
|
+
* exampleSubnetIds.then(exampleSubnetIds => exampleSubnetIds.ids?[0]),
|
|
154
|
+
* exampleSubnetIds.then(exampleSubnetIds => exampleSubnetIds.ids?[1]),
|
|
155
|
+
* ],
|
|
156
|
+
* securityGroupIds: [exampleSecurityGroup.id],
|
|
157
|
+
* },
|
|
158
|
+
* advancedOptions: {
|
|
159
|
+
* "rest.action.multi.allow_explicit_index": "true",
|
|
160
|
+
* },
|
|
161
|
+
* accessPolicies: Promise.all([currentRegion, currentCallerIdentity]).then(([currentRegion, currentCallerIdentity]) => `{
|
|
162
|
+
* "Version": "2012-10-17",
|
|
163
|
+
* "Statement": [
|
|
164
|
+
* {
|
|
165
|
+
* "Action": "es:*",
|
|
166
|
+
* "Principal": "*",
|
|
167
|
+
* "Effect": "Allow",
|
|
168
|
+
* "Resource": "arn:aws:es:${currentRegion.name}:${currentCallerIdentity.accountId}:domain/${domain}/*"
|
|
169
|
+
* }
|
|
170
|
+
* ]
|
|
171
|
+
* }
|
|
172
|
+
* `),
|
|
173
|
+
* tags: {
|
|
174
|
+
* Domain: "TestDomain",
|
|
175
|
+
* },
|
|
176
|
+
* }, {
|
|
177
|
+
* dependsOn: [exampleServiceLinkedRole],
|
|
178
|
+
* });
|
|
179
|
+
* ```
|
|
180
|
+
*
|
|
181
|
+
* ## Import
|
|
182
|
+
*
|
|
183
|
+
* OpenSearch domains can be imported using the `domain_name`, e.g.,
|
|
184
|
+
*
|
|
185
|
+
* ```sh
|
|
186
|
+
* $ pulumi import aws:opensearch/domain:Domain example domain_name
|
|
187
|
+
* ```
|
|
188
|
+
*/
|
|
189
|
+
class Domain extends pulumi.CustomResource {
|
|
190
|
+
constructor(name, argsOrState, opts) {
|
|
191
|
+
let resourceInputs = {};
|
|
192
|
+
opts = opts || {};
|
|
193
|
+
if (opts.id) {
|
|
194
|
+
const state = argsOrState;
|
|
195
|
+
resourceInputs["accessPolicies"] = state ? state.accessPolicies : undefined;
|
|
196
|
+
resourceInputs["advancedOptions"] = state ? state.advancedOptions : undefined;
|
|
197
|
+
resourceInputs["advancedSecurityOptions"] = state ? state.advancedSecurityOptions : undefined;
|
|
198
|
+
resourceInputs["arn"] = state ? state.arn : undefined;
|
|
199
|
+
resourceInputs["autoTuneOptions"] = state ? state.autoTuneOptions : undefined;
|
|
200
|
+
resourceInputs["clusterConfig"] = state ? state.clusterConfig : undefined;
|
|
201
|
+
resourceInputs["cognitoOptions"] = state ? state.cognitoOptions : undefined;
|
|
202
|
+
resourceInputs["domainEndpointOptions"] = state ? state.domainEndpointOptions : undefined;
|
|
203
|
+
resourceInputs["domainId"] = state ? state.domainId : undefined;
|
|
204
|
+
resourceInputs["domainName"] = state ? state.domainName : undefined;
|
|
205
|
+
resourceInputs["ebsOptions"] = state ? state.ebsOptions : undefined;
|
|
206
|
+
resourceInputs["encryptAtRest"] = state ? state.encryptAtRest : undefined;
|
|
207
|
+
resourceInputs["endpoint"] = state ? state.endpoint : undefined;
|
|
208
|
+
resourceInputs["engineVersion"] = state ? state.engineVersion : undefined;
|
|
209
|
+
resourceInputs["kibanaEndpoint"] = state ? state.kibanaEndpoint : undefined;
|
|
210
|
+
resourceInputs["logPublishingOptions"] = state ? state.logPublishingOptions : undefined;
|
|
211
|
+
resourceInputs["nodeToNodeEncryption"] = state ? state.nodeToNodeEncryption : undefined;
|
|
212
|
+
resourceInputs["snapshotOptions"] = state ? state.snapshotOptions : undefined;
|
|
213
|
+
resourceInputs["tags"] = state ? state.tags : undefined;
|
|
214
|
+
resourceInputs["tagsAll"] = state ? state.tagsAll : undefined;
|
|
215
|
+
resourceInputs["vpcOptions"] = state ? state.vpcOptions : undefined;
|
|
216
|
+
}
|
|
217
|
+
else {
|
|
218
|
+
const args = argsOrState;
|
|
219
|
+
if ((!args || args.domainName === undefined) && !opts.urn) {
|
|
220
|
+
throw new Error("Missing required property 'domainName'");
|
|
221
|
+
}
|
|
222
|
+
resourceInputs["accessPolicies"] = args ? args.accessPolicies : undefined;
|
|
223
|
+
resourceInputs["advancedOptions"] = args ? args.advancedOptions : undefined;
|
|
224
|
+
resourceInputs["advancedSecurityOptions"] = args ? args.advancedSecurityOptions : undefined;
|
|
225
|
+
resourceInputs["autoTuneOptions"] = args ? args.autoTuneOptions : undefined;
|
|
226
|
+
resourceInputs["clusterConfig"] = args ? args.clusterConfig : undefined;
|
|
227
|
+
resourceInputs["cognitoOptions"] = args ? args.cognitoOptions : undefined;
|
|
228
|
+
resourceInputs["domainEndpointOptions"] = args ? args.domainEndpointOptions : undefined;
|
|
229
|
+
resourceInputs["domainName"] = args ? args.domainName : undefined;
|
|
230
|
+
resourceInputs["ebsOptions"] = args ? args.ebsOptions : undefined;
|
|
231
|
+
resourceInputs["encryptAtRest"] = args ? args.encryptAtRest : undefined;
|
|
232
|
+
resourceInputs["engineVersion"] = args ? args.engineVersion : undefined;
|
|
233
|
+
resourceInputs["logPublishingOptions"] = args ? args.logPublishingOptions : undefined;
|
|
234
|
+
resourceInputs["nodeToNodeEncryption"] = args ? args.nodeToNodeEncryption : undefined;
|
|
235
|
+
resourceInputs["snapshotOptions"] = args ? args.snapshotOptions : undefined;
|
|
236
|
+
resourceInputs["tags"] = args ? args.tags : undefined;
|
|
237
|
+
resourceInputs["tagsAll"] = args ? args.tagsAll : undefined;
|
|
238
|
+
resourceInputs["vpcOptions"] = args ? args.vpcOptions : undefined;
|
|
239
|
+
resourceInputs["arn"] = undefined /*out*/;
|
|
240
|
+
resourceInputs["domainId"] = undefined /*out*/;
|
|
241
|
+
resourceInputs["endpoint"] = undefined /*out*/;
|
|
242
|
+
resourceInputs["kibanaEndpoint"] = undefined /*out*/;
|
|
243
|
+
}
|
|
244
|
+
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
|
|
245
|
+
super(Domain.__pulumiType, name, resourceInputs, opts);
|
|
246
|
+
}
|
|
247
|
+
/**
|
|
248
|
+
* Get an existing Domain resource's state with the given name, ID, and optional extra
|
|
249
|
+
* properties used to qualify the lookup.
|
|
250
|
+
*
|
|
251
|
+
* @param name The _unique_ name of the resulting resource.
|
|
252
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
253
|
+
* @param state Any extra arguments used during the lookup.
|
|
254
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
255
|
+
*/
|
|
256
|
+
static get(name, id, state, opts) {
|
|
257
|
+
return new Domain(name, state, Object.assign(Object.assign({}, opts), { id: id }));
|
|
258
|
+
}
|
|
259
|
+
/**
|
|
260
|
+
* Returns true if the given object is an instance of Domain. This is designed to work even
|
|
261
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
262
|
+
*/
|
|
263
|
+
static isInstance(obj) {
|
|
264
|
+
if (obj === undefined || obj === null) {
|
|
265
|
+
return false;
|
|
266
|
+
}
|
|
267
|
+
return obj['__pulumiType'] === Domain.__pulumiType;
|
|
268
|
+
}
|
|
269
|
+
}
|
|
270
|
+
exports.Domain = Domain;
|
|
271
|
+
/** @internal */
|
|
272
|
+
Domain.__pulumiType = 'aws:opensearch/domain:Domain';
|
|
273
|
+
//# sourceMappingURL=domain.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"domain.js","sourceRoot":"","sources":["../../opensearch/domain.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAEzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoLG;AACH,MAAa,MAAO,SAAQ,MAAM,CAAC,cAAc;IAgH7C,YAAY,IAAY,EAAE,WAAsC,EAAE,IAAmC;QACjG,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAsC,CAAC;YACrD,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,uBAAuB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,sBAAsB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;SACvE;aAAM;YACH,MAAM,IAAI,GAAG,WAAqC,CAAC;YACnD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,uBAAuB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,sBAAsB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;YAClE,cAAc,CAAC,KAAK,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC1C,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,UAAU,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;YAC/C,cAAc,CAAC,gBAAgB,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SACxD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IAC3D,CAAC;IAtKD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAmB,EAAE,IAAmC;QACjH,OAAO,IAAI,MAAM,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IAC7D,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC;IACvD,CAAC;;AA1BL,wBAwKC;AA1JG,gBAAgB;AACO,mBAAY,GAAG,8BAA8B,CAAC"}
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
/**
|
|
3
|
+
* Allows setting policy to an OpenSearch domain while referencing domain attributes (e.g., ARN).
|
|
4
|
+
*
|
|
5
|
+
* ## Example Usage
|
|
6
|
+
*
|
|
7
|
+
* ```typescript
|
|
8
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
9
|
+
* import * as aws from "@pulumi/aws";
|
|
10
|
+
*
|
|
11
|
+
* const example = new aws.opensearch.Domain("example", {
|
|
12
|
+
* domainName: "tf-test",
|
|
13
|
+
* engineVersion: "OpenSearch_1.1",
|
|
14
|
+
* });
|
|
15
|
+
* const main = new aws.opensearch.DomainPolicy("main", {
|
|
16
|
+
* domainName: example.domainName,
|
|
17
|
+
* accessPolicies: pulumi.interpolate`{
|
|
18
|
+
* "Version": "2012-10-17",
|
|
19
|
+
* "Statement": [
|
|
20
|
+
* {
|
|
21
|
+
* "Action": "es:*",
|
|
22
|
+
* "Principal": "*",
|
|
23
|
+
* "Effect": "Allow",
|
|
24
|
+
* "Condition": {
|
|
25
|
+
* "IpAddress": {"aws:SourceIp": "127.0.0.1/32"}
|
|
26
|
+
* },
|
|
27
|
+
* "Resource": "${example.arn}/*"
|
|
28
|
+
* }
|
|
29
|
+
* ]
|
|
30
|
+
* }
|
|
31
|
+
* `,
|
|
32
|
+
* });
|
|
33
|
+
* ```
|
|
34
|
+
*/
|
|
35
|
+
export declare class DomainPolicy extends pulumi.CustomResource {
|
|
36
|
+
/**
|
|
37
|
+
* Get an existing DomainPolicy resource's state with the given name, ID, and optional extra
|
|
38
|
+
* properties used to qualify the lookup.
|
|
39
|
+
*
|
|
40
|
+
* @param name The _unique_ name of the resulting resource.
|
|
41
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
42
|
+
* @param state Any extra arguments used during the lookup.
|
|
43
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
44
|
+
*/
|
|
45
|
+
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DomainPolicyState, opts?: pulumi.CustomResourceOptions): DomainPolicy;
|
|
46
|
+
/**
|
|
47
|
+
* Returns true if the given object is an instance of DomainPolicy. This is designed to work even
|
|
48
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
49
|
+
*/
|
|
50
|
+
static isInstance(obj: any): obj is DomainPolicy;
|
|
51
|
+
/**
|
|
52
|
+
* IAM policy document specifying the access policies for the domain
|
|
53
|
+
*/
|
|
54
|
+
readonly accessPolicies: pulumi.Output<string>;
|
|
55
|
+
/**
|
|
56
|
+
* Name of the domain.
|
|
57
|
+
*/
|
|
58
|
+
readonly domainName: pulumi.Output<string>;
|
|
59
|
+
/**
|
|
60
|
+
* Create a DomainPolicy resource with the given unique name, arguments, and options.
|
|
61
|
+
*
|
|
62
|
+
* @param name The _unique_ name of the resource.
|
|
63
|
+
* @param args The arguments to use to populate this resource's properties.
|
|
64
|
+
* @param opts A bag of options that control this resource's behavior.
|
|
65
|
+
*/
|
|
66
|
+
constructor(name: string, args: DomainPolicyArgs, opts?: pulumi.CustomResourceOptions);
|
|
67
|
+
}
|
|
68
|
+
/**
|
|
69
|
+
* Input properties used for looking up and filtering DomainPolicy resources.
|
|
70
|
+
*/
|
|
71
|
+
export interface DomainPolicyState {
|
|
72
|
+
/**
|
|
73
|
+
* IAM policy document specifying the access policies for the domain
|
|
74
|
+
*/
|
|
75
|
+
accessPolicies?: pulumi.Input<string>;
|
|
76
|
+
/**
|
|
77
|
+
* Name of the domain.
|
|
78
|
+
*/
|
|
79
|
+
domainName?: pulumi.Input<string>;
|
|
80
|
+
}
|
|
81
|
+
/**
|
|
82
|
+
* The set of arguments for constructing a DomainPolicy resource.
|
|
83
|
+
*/
|
|
84
|
+
export interface DomainPolicyArgs {
|
|
85
|
+
/**
|
|
86
|
+
* IAM policy document specifying the access policies for the domain
|
|
87
|
+
*/
|
|
88
|
+
accessPolicies: pulumi.Input<string>;
|
|
89
|
+
/**
|
|
90
|
+
* Name of the domain.
|
|
91
|
+
*/
|
|
92
|
+
domainName: pulumi.Input<string>;
|
|
93
|
+
}
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
|
+
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.DomainPolicy = void 0;
|
|
6
|
+
const pulumi = require("@pulumi/pulumi");
|
|
7
|
+
const utilities = require("../utilities");
|
|
8
|
+
/**
|
|
9
|
+
* Allows setting policy to an OpenSearch domain while referencing domain attributes (e.g., ARN).
|
|
10
|
+
*
|
|
11
|
+
* ## Example Usage
|
|
12
|
+
*
|
|
13
|
+
* ```typescript
|
|
14
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
15
|
+
* import * as aws from "@pulumi/aws";
|
|
16
|
+
*
|
|
17
|
+
* const example = new aws.opensearch.Domain("example", {
|
|
18
|
+
* domainName: "tf-test",
|
|
19
|
+
* engineVersion: "OpenSearch_1.1",
|
|
20
|
+
* });
|
|
21
|
+
* const main = new aws.opensearch.DomainPolicy("main", {
|
|
22
|
+
* domainName: example.domainName,
|
|
23
|
+
* accessPolicies: pulumi.interpolate`{
|
|
24
|
+
* "Version": "2012-10-17",
|
|
25
|
+
* "Statement": [
|
|
26
|
+
* {
|
|
27
|
+
* "Action": "es:*",
|
|
28
|
+
* "Principal": "*",
|
|
29
|
+
* "Effect": "Allow",
|
|
30
|
+
* "Condition": {
|
|
31
|
+
* "IpAddress": {"aws:SourceIp": "127.0.0.1/32"}
|
|
32
|
+
* },
|
|
33
|
+
* "Resource": "${example.arn}/*"
|
|
34
|
+
* }
|
|
35
|
+
* ]
|
|
36
|
+
* }
|
|
37
|
+
* `,
|
|
38
|
+
* });
|
|
39
|
+
* ```
|
|
40
|
+
*/
|
|
41
|
+
class DomainPolicy extends pulumi.CustomResource {
|
|
42
|
+
constructor(name, argsOrState, opts) {
|
|
43
|
+
let resourceInputs = {};
|
|
44
|
+
opts = opts || {};
|
|
45
|
+
if (opts.id) {
|
|
46
|
+
const state = argsOrState;
|
|
47
|
+
resourceInputs["accessPolicies"] = state ? state.accessPolicies : undefined;
|
|
48
|
+
resourceInputs["domainName"] = state ? state.domainName : undefined;
|
|
49
|
+
}
|
|
50
|
+
else {
|
|
51
|
+
const args = argsOrState;
|
|
52
|
+
if ((!args || args.accessPolicies === undefined) && !opts.urn) {
|
|
53
|
+
throw new Error("Missing required property 'accessPolicies'");
|
|
54
|
+
}
|
|
55
|
+
if ((!args || args.domainName === undefined) && !opts.urn) {
|
|
56
|
+
throw new Error("Missing required property 'domainName'");
|
|
57
|
+
}
|
|
58
|
+
resourceInputs["accessPolicies"] = args ? args.accessPolicies : undefined;
|
|
59
|
+
resourceInputs["domainName"] = args ? args.domainName : undefined;
|
|
60
|
+
}
|
|
61
|
+
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
|
|
62
|
+
super(DomainPolicy.__pulumiType, name, resourceInputs, opts);
|
|
63
|
+
}
|
|
64
|
+
/**
|
|
65
|
+
* Get an existing DomainPolicy resource's state with the given name, ID, and optional extra
|
|
66
|
+
* properties used to qualify the lookup.
|
|
67
|
+
*
|
|
68
|
+
* @param name The _unique_ name of the resulting resource.
|
|
69
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
70
|
+
* @param state Any extra arguments used during the lookup.
|
|
71
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
72
|
+
*/
|
|
73
|
+
static get(name, id, state, opts) {
|
|
74
|
+
return new DomainPolicy(name, state, Object.assign(Object.assign({}, opts), { id: id }));
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Returns true if the given object is an instance of DomainPolicy. This is designed to work even
|
|
78
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
79
|
+
*/
|
|
80
|
+
static isInstance(obj) {
|
|
81
|
+
if (obj === undefined || obj === null) {
|
|
82
|
+
return false;
|
|
83
|
+
}
|
|
84
|
+
return obj['__pulumiType'] === DomainPolicy.__pulumiType;
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
exports.DomainPolicy = DomainPolicy;
|
|
88
|
+
/** @internal */
|
|
89
|
+
DomainPolicy.__pulumiType = 'aws:opensearch/domainPolicy:DomainPolicy';
|
|
90
|
+
//# sourceMappingURL=domainPolicy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"domainPolicy.js","sourceRoot":"","sources":["../../opensearch/domainPolicy.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,MAAa,YAAa,SAAQ,MAAM,CAAC,cAAc;IA6CnD,YAAY,IAAY,EAAE,WAAkD,EAAE,IAAmC;QAC7G,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAA4C,CAAC;YAC3D,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;SACvE;aAAM;YACH,MAAM,IAAI,GAAG,WAA2C,CAAC;YACzD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAC3D,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;aACjE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACvD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;aAC7D;YACD,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;SACrE;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,YAAY,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACjE,CAAC;IAhED;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAAyB,EAAE,IAAmC;QACvH,OAAO,IAAI,YAAY,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACnE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,YAAY,CAAC,YAAY,CAAC;IAC7D,CAAC;;AA1BL,oCAkEC;AApDG,gBAAgB;AACO,yBAAY,GAAG,0CAA0C,CAAC"}
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
import * as pulumi from "@pulumi/pulumi";
|
|
2
|
+
import { input as inputs, output as outputs } from "../types";
|
|
3
|
+
/**
|
|
4
|
+
* Manages SAML authentication options for an AWS OpenSearch Domain.
|
|
5
|
+
*
|
|
6
|
+
* ## Example Usage
|
|
7
|
+
* ### Basic Usage
|
|
8
|
+
*
|
|
9
|
+
* ```typescript
|
|
10
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
11
|
+
* import * as aws from "@pulumi/aws";
|
|
12
|
+
* import * from "fs";
|
|
13
|
+
*
|
|
14
|
+
* const exampleDomain = new aws.opensearch.Domain("exampleDomain", {
|
|
15
|
+
* domainName: "example",
|
|
16
|
+
* engineVersion: "OpenSearch_1.1",
|
|
17
|
+
* clusterConfig: {
|
|
18
|
+
* instanceType: "r4.large.search",
|
|
19
|
+
* },
|
|
20
|
+
* snapshotOptions: {
|
|
21
|
+
* automatedSnapshotStartHour: 23,
|
|
22
|
+
* },
|
|
23
|
+
* tags: {
|
|
24
|
+
* Domain: "TestDomain",
|
|
25
|
+
* },
|
|
26
|
+
* });
|
|
27
|
+
* const exampleDomainSamlOptions = new aws.opensearch.DomainSamlOptions("exampleDomainSamlOptions", {
|
|
28
|
+
* domainName: exampleDomain.domainName,
|
|
29
|
+
* samlOptions: {
|
|
30
|
+
* enabled: true,
|
|
31
|
+
* idp: {
|
|
32
|
+
* entityId: "https://example.com",
|
|
33
|
+
* metadataContent: fs.readFileSync("./saml-metadata.xml"),
|
|
34
|
+
* },
|
|
35
|
+
* },
|
|
36
|
+
* });
|
|
37
|
+
* ```
|
|
38
|
+
*
|
|
39
|
+
* ## Import
|
|
40
|
+
*
|
|
41
|
+
* OpenSearch domains can be imported using the `domain_name`, e.g.,
|
|
42
|
+
*
|
|
43
|
+
* ```sh
|
|
44
|
+
* $ pulumi import aws:opensearch/domainSamlOptions:DomainSamlOptions example domain_name
|
|
45
|
+
* ```
|
|
46
|
+
*/
|
|
47
|
+
export declare class DomainSamlOptions extends pulumi.CustomResource {
|
|
48
|
+
/**
|
|
49
|
+
* Get an existing DomainSamlOptions resource's state with the given name, ID, and optional extra
|
|
50
|
+
* properties used to qualify the lookup.
|
|
51
|
+
*
|
|
52
|
+
* @param name The _unique_ name of the resulting resource.
|
|
53
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
54
|
+
* @param state Any extra arguments used during the lookup.
|
|
55
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
56
|
+
*/
|
|
57
|
+
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DomainSamlOptionsState, opts?: pulumi.CustomResourceOptions): DomainSamlOptions;
|
|
58
|
+
/**
|
|
59
|
+
* Returns true if the given object is an instance of DomainSamlOptions. This is designed to work even
|
|
60
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
61
|
+
*/
|
|
62
|
+
static isInstance(obj: any): obj is DomainSamlOptions;
|
|
63
|
+
/**
|
|
64
|
+
* Name of the domain.
|
|
65
|
+
*/
|
|
66
|
+
readonly domainName: pulumi.Output<string>;
|
|
67
|
+
/**
|
|
68
|
+
* SAML authentication options for an AWS OpenSearch Domain.
|
|
69
|
+
*/
|
|
70
|
+
readonly samlOptions: pulumi.Output<outputs.opensearch.DomainSamlOptionsSamlOptions | undefined>;
|
|
71
|
+
/**
|
|
72
|
+
* Create a DomainSamlOptions resource with the given unique name, arguments, and options.
|
|
73
|
+
*
|
|
74
|
+
* @param name The _unique_ name of the resource.
|
|
75
|
+
* @param args The arguments to use to populate this resource's properties.
|
|
76
|
+
* @param opts A bag of options that control this resource's behavior.
|
|
77
|
+
*/
|
|
78
|
+
constructor(name: string, args: DomainSamlOptionsArgs, opts?: pulumi.CustomResourceOptions);
|
|
79
|
+
}
|
|
80
|
+
/**
|
|
81
|
+
* Input properties used for looking up and filtering DomainSamlOptions resources.
|
|
82
|
+
*/
|
|
83
|
+
export interface DomainSamlOptionsState {
|
|
84
|
+
/**
|
|
85
|
+
* Name of the domain.
|
|
86
|
+
*/
|
|
87
|
+
domainName?: pulumi.Input<string>;
|
|
88
|
+
/**
|
|
89
|
+
* SAML authentication options for an AWS OpenSearch Domain.
|
|
90
|
+
*/
|
|
91
|
+
samlOptions?: pulumi.Input<inputs.opensearch.DomainSamlOptionsSamlOptions>;
|
|
92
|
+
}
|
|
93
|
+
/**
|
|
94
|
+
* The set of arguments for constructing a DomainSamlOptions resource.
|
|
95
|
+
*/
|
|
96
|
+
export interface DomainSamlOptionsArgs {
|
|
97
|
+
/**
|
|
98
|
+
* Name of the domain.
|
|
99
|
+
*/
|
|
100
|
+
domainName: pulumi.Input<string>;
|
|
101
|
+
/**
|
|
102
|
+
* SAML authentication options for an AWS OpenSearch Domain.
|
|
103
|
+
*/
|
|
104
|
+
samlOptions?: pulumi.Input<inputs.opensearch.DomainSamlOptionsSamlOptions>;
|
|
105
|
+
}
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
|
|
3
|
+
// *** Do not edit by hand unless you're certain you know what you are doing! ***
|
|
4
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
|
+
exports.DomainSamlOptions = void 0;
|
|
6
|
+
const pulumi = require("@pulumi/pulumi");
|
|
7
|
+
const utilities = require("../utilities");
|
|
8
|
+
/**
|
|
9
|
+
* Manages SAML authentication options for an AWS OpenSearch Domain.
|
|
10
|
+
*
|
|
11
|
+
* ## Example Usage
|
|
12
|
+
* ### Basic Usage
|
|
13
|
+
*
|
|
14
|
+
* ```typescript
|
|
15
|
+
* import * as pulumi from "@pulumi/pulumi";
|
|
16
|
+
* import * as aws from "@pulumi/aws";
|
|
17
|
+
* import * from "fs";
|
|
18
|
+
*
|
|
19
|
+
* const exampleDomain = new aws.opensearch.Domain("exampleDomain", {
|
|
20
|
+
* domainName: "example",
|
|
21
|
+
* engineVersion: "OpenSearch_1.1",
|
|
22
|
+
* clusterConfig: {
|
|
23
|
+
* instanceType: "r4.large.search",
|
|
24
|
+
* },
|
|
25
|
+
* snapshotOptions: {
|
|
26
|
+
* automatedSnapshotStartHour: 23,
|
|
27
|
+
* },
|
|
28
|
+
* tags: {
|
|
29
|
+
* Domain: "TestDomain",
|
|
30
|
+
* },
|
|
31
|
+
* });
|
|
32
|
+
* const exampleDomainSamlOptions = new aws.opensearch.DomainSamlOptions("exampleDomainSamlOptions", {
|
|
33
|
+
* domainName: exampleDomain.domainName,
|
|
34
|
+
* samlOptions: {
|
|
35
|
+
* enabled: true,
|
|
36
|
+
* idp: {
|
|
37
|
+
* entityId: "https://example.com",
|
|
38
|
+
* metadataContent: fs.readFileSync("./saml-metadata.xml"),
|
|
39
|
+
* },
|
|
40
|
+
* },
|
|
41
|
+
* });
|
|
42
|
+
* ```
|
|
43
|
+
*
|
|
44
|
+
* ## Import
|
|
45
|
+
*
|
|
46
|
+
* OpenSearch domains can be imported using the `domain_name`, e.g.,
|
|
47
|
+
*
|
|
48
|
+
* ```sh
|
|
49
|
+
* $ pulumi import aws:opensearch/domainSamlOptions:DomainSamlOptions example domain_name
|
|
50
|
+
* ```
|
|
51
|
+
*/
|
|
52
|
+
class DomainSamlOptions extends pulumi.CustomResource {
|
|
53
|
+
constructor(name, argsOrState, opts) {
|
|
54
|
+
let resourceInputs = {};
|
|
55
|
+
opts = opts || {};
|
|
56
|
+
if (opts.id) {
|
|
57
|
+
const state = argsOrState;
|
|
58
|
+
resourceInputs["domainName"] = state ? state.domainName : undefined;
|
|
59
|
+
resourceInputs["samlOptions"] = state ? state.samlOptions : undefined;
|
|
60
|
+
}
|
|
61
|
+
else {
|
|
62
|
+
const args = argsOrState;
|
|
63
|
+
if ((!args || args.domainName === undefined) && !opts.urn) {
|
|
64
|
+
throw new Error("Missing required property 'domainName'");
|
|
65
|
+
}
|
|
66
|
+
resourceInputs["domainName"] = args ? args.domainName : undefined;
|
|
67
|
+
resourceInputs["samlOptions"] = args ? args.samlOptions : undefined;
|
|
68
|
+
}
|
|
69
|
+
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
|
|
70
|
+
super(DomainSamlOptions.__pulumiType, name, resourceInputs, opts);
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Get an existing DomainSamlOptions resource's state with the given name, ID, and optional extra
|
|
74
|
+
* properties used to qualify the lookup.
|
|
75
|
+
*
|
|
76
|
+
* @param name The _unique_ name of the resulting resource.
|
|
77
|
+
* @param id The _unique_ provider ID of the resource to lookup.
|
|
78
|
+
* @param state Any extra arguments used during the lookup.
|
|
79
|
+
* @param opts Optional settings to control the behavior of the CustomResource.
|
|
80
|
+
*/
|
|
81
|
+
static get(name, id, state, opts) {
|
|
82
|
+
return new DomainSamlOptions(name, state, Object.assign(Object.assign({}, opts), { id: id }));
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Returns true if the given object is an instance of DomainSamlOptions. This is designed to work even
|
|
86
|
+
* when multiple copies of the Pulumi SDK have been loaded into the same process.
|
|
87
|
+
*/
|
|
88
|
+
static isInstance(obj) {
|
|
89
|
+
if (obj === undefined || obj === null) {
|
|
90
|
+
return false;
|
|
91
|
+
}
|
|
92
|
+
return obj['__pulumiType'] === DomainSamlOptions.__pulumiType;
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
exports.DomainSamlOptions = DomainSamlOptions;
|
|
96
|
+
/** @internal */
|
|
97
|
+
DomainSamlOptions.__pulumiType = 'aws:opensearch/domainSamlOptions:DomainSamlOptions';
|
|
98
|
+
//# sourceMappingURL=domainSamlOptions.js.map
|