com.pulumi.aws.elasticsearch.Domain Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aws Show documentation
Show all versions of aws Show documentation
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.aws.elasticsearch;
import com.pulumi.aws.Utilities;
import com.pulumi.aws.elasticsearch.DomainArgs;
import com.pulumi.aws.elasticsearch.inputs.DomainState;
import com.pulumi.aws.elasticsearch.outputs.DomainAdvancedSecurityOptions;
import com.pulumi.aws.elasticsearch.outputs.DomainAutoTuneOptions;
import com.pulumi.aws.elasticsearch.outputs.DomainClusterConfig;
import com.pulumi.aws.elasticsearch.outputs.DomainCognitoOptions;
import com.pulumi.aws.elasticsearch.outputs.DomainDomainEndpointOptions;
import com.pulumi.aws.elasticsearch.outputs.DomainEbsOptions;
import com.pulumi.aws.elasticsearch.outputs.DomainEncryptAtRest;
import com.pulumi.aws.elasticsearch.outputs.DomainLogPublishingOption;
import com.pulumi.aws.elasticsearch.outputs.DomainNodeToNodeEncryption;
import com.pulumi.aws.elasticsearch.outputs.DomainSnapshotOptions;
import com.pulumi.aws.elasticsearch.outputs.DomainVpcOptions;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Export;
import com.pulumi.core.annotations.ResourceType;
import com.pulumi.core.internal.Codegen;
import java.lang.String;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Nullable;
/**
* Manages an AWS Elasticsearch Domain.
*
* ## Example Usage
*
* ### Basic Usage
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.elasticsearch.Domain;
* import com.pulumi.aws.elasticsearch.DomainArgs;
* import com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var example = new Domain("example", DomainArgs.builder()
* .domainName("example")
* .elasticsearchVersion("7.10")
* .clusterConfig(DomainClusterConfigArgs.builder()
* .instanceType("r4.large.elasticsearch")
* .build())
* .tags(Map.of("Domain", "TestDomain"))
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ### Access Policy
*
* > See also: `aws.elasticsearch.DomainPolicy` resource
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.AwsFunctions;
* import com.pulumi.aws.inputs.GetRegionArgs;
* import com.pulumi.aws.inputs.GetCallerIdentityArgs;
* import com.pulumi.aws.elasticsearch.Domain;
* import com.pulumi.aws.elasticsearch.DomainArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* final var config = ctx.config();
* final var domain = config.get("domain").orElse("tf-test");
* final var current = AwsFunctions.getRegion();
*
* final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();
*
* var example = new Domain("example", DomainArgs.builder()
* .domainName(domain)
* .accessPolicies("""
* {
* "Version": "2012-10-17",
* "Statement": [
* {
* "Action": "es:*",
* "Principal": "*",
* "Effect": "Allow",
* "Resource": "arn:aws:es:%s:%s:domain/%s/*",
* "Condition": {
* "IpAddress": {"aws:SourceIp": ["66.193.100.22/32"]}
* }
* }
* ]
* }
* ", current.applyValue(getRegionResult -> getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()),domain))
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ### Log Publishing to CloudWatch Logs
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.cloudwatch.LogGroup;
* import com.pulumi.aws.cloudwatch.LogGroupArgs;
* import com.pulumi.aws.iam.IamFunctions;
* import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
* import com.pulumi.aws.cloudwatch.LogResourcePolicy;
* import com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;
* import com.pulumi.aws.elasticsearch.Domain;
* import com.pulumi.aws.elasticsearch.DomainArgs;
* import com.pulumi.aws.elasticsearch.inputs.DomainLogPublishingOptionArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var exampleLogGroup = new LogGroup("exampleLogGroup", LogGroupArgs.builder()
* .name("example")
* .build());
*
* final var example = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
* .statements(GetPolicyDocumentStatementArgs.builder()
* .effect("Allow")
* .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
* .type("Service")
* .identifiers("es.amazonaws.com")
* .build())
* .actions(
* "logs:PutLogEvents",
* "logs:PutLogEventsBatch",
* "logs:CreateLogStream")
* .resources("arn:aws:logs:*")
* .build())
* .build());
*
* var exampleLogResourcePolicy = new LogResourcePolicy("exampleLogResourcePolicy", LogResourcePolicyArgs.builder()
* .policyName("example")
* .policyDocument(example.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
* .build());
*
* var exampleDomain = new Domain("exampleDomain", DomainArgs.builder()
* .logPublishingOptions(DomainLogPublishingOptionArgs.builder()
* .cloudwatchLogGroupArn(exampleLogGroup.arn())
* .logType("INDEX_SLOW_LOGS")
* .build())
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ### VPC based ES
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.aws.ec2.Ec2Functions;
* import com.pulumi.aws.ec2.inputs.GetVpcArgs;
* import com.pulumi.aws.ec2.inputs.GetSubnetsArgs;
* import com.pulumi.aws.AwsFunctions;
* import com.pulumi.aws.inputs.GetRegionArgs;
* import com.pulumi.aws.inputs.GetCallerIdentityArgs;
* import com.pulumi.aws.ec2.SecurityGroup;
* import com.pulumi.aws.ec2.SecurityGroupArgs;
* import com.pulumi.aws.ec2.inputs.SecurityGroupIngressArgs;
* import com.pulumi.aws.iam.ServiceLinkedRole;
* import com.pulumi.aws.iam.ServiceLinkedRoleArgs;
* import com.pulumi.aws.elasticsearch.Domain;
* import com.pulumi.aws.elasticsearch.DomainArgs;
* import com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;
* import com.pulumi.aws.elasticsearch.inputs.DomainVpcOptionsArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* final var config = ctx.config();
* final var vpc = config.get("vpc");
* final var domain = config.get("domain").orElse("tf-test");
* final var selected = Ec2Functions.getVpc(GetVpcArgs.builder()
* .tags(Map.of("Name", vpc))
* .build());
*
* final var selectedGetSubnets = Ec2Functions.getSubnets(GetSubnetsArgs.builder()
* .filters(GetSubnetsFilterArgs.builder()
* .name("vpc-id")
* .values(selected.applyValue(getVpcResult -> getVpcResult.id()))
* .build())
* .tags(Map.of("Tier", "private"))
* .build());
*
* final var current = AwsFunctions.getRegion();
*
* final var currentGetCallerIdentity = AwsFunctions.getCallerIdentity();
*
* var es = new SecurityGroup("es", SecurityGroupArgs.builder()
* .name(String.format("%s-elasticsearch-%s", vpc,domain))
* .description("Managed by Pulumi")
* .vpcId(selected.applyValue(getVpcResult -> getVpcResult.id()))
* .ingress(SecurityGroupIngressArgs.builder()
* .fromPort(443)
* .toPort(443)
* .protocol("tcp")
* .cidrBlocks(selected.applyValue(getVpcResult -> getVpcResult.cidrBlock()))
* .build())
* .build());
*
* var esServiceLinkedRole = new ServiceLinkedRole("esServiceLinkedRole", ServiceLinkedRoleArgs.builder()
* .awsServiceName("opensearchservice.amazonaws.com")
* .build());
*
* var esDomain = new Domain("esDomain", DomainArgs.builder()
* .domainName(domain)
* .elasticsearchVersion("6.3")
* .clusterConfig(DomainClusterConfigArgs.builder()
* .instanceType("m4.large.elasticsearch")
* .zoneAwarenessEnabled(true)
* .build())
* .vpcOptions(DomainVpcOptionsArgs.builder()
* .subnetIds(
* selectedGetSubnets.applyValue(getSubnetsResult -> getSubnetsResult.ids()[0]),
* selectedGetSubnets.applyValue(getSubnetsResult -> getSubnetsResult.ids()[1]))
* .securityGroupIds(es.id())
* .build())
* .advancedOptions(Map.of("rest.action.multi.allow_explicit_index", "true"))
* .accessPolicies("""
* {
* "Version": "2012-10-17",
* "Statement": [
* {
* "Action": "es:*",
* "Principal": "*",
* "Effect": "Allow",
* "Resource": "arn:aws:es:%s:%s:domain/%s/*"
* }
* ]
* }
* ", current.applyValue(getRegionResult -> getRegionResult.name()),currentGetCallerIdentity.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()),domain))
* .tags(Map.of("Domain", "TestDomain"))
* .build(), CustomResourceOptions.builder()
* .dependsOn(esServiceLinkedRole)
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ## Import
*
* Using `pulumi import`, import Elasticsearch domains using the `domain_name`. For example:
*
* ```sh
* $ pulumi import aws:elasticsearch/domain:Domain example domain_name
* ```
*
*/
@ResourceType(type="aws:elasticsearch/domain:Domain")
public class Domain extends com.pulumi.resources.CustomResource {
/**
* IAM policy document specifying the access policies for the domain.
*
*/
@Export(name="accessPolicies", refs={String.class}, tree="[0]")
private Output accessPolicies;
/**
* @return IAM policy document specifying the access policies for the domain.
*
*/
public Output accessPolicies() {
return this.accessPolicies;
}
/**
* Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing the provider to want to recreate your Elasticsearch domain on every apply.
*
*/
@Export(name="advancedOptions", refs={Map.class,String.class}, tree="[0,1,1]")
private Output> advancedOptions;
/**
* @return Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing the provider to want to recreate your Elasticsearch domain on every apply.
*
*/
public Output> advancedOptions() {
return this.advancedOptions;
}
/**
* Configuration block for [fine-grained access control](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/fgac.html). Detailed below.
*
*/
@Export(name="advancedSecurityOptions", refs={DomainAdvancedSecurityOptions.class}, tree="[0]")
private Output advancedSecurityOptions;
/**
* @return Configuration block for [fine-grained access control](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/fgac.html). Detailed below.
*
*/
public Output advancedSecurityOptions() {
return this.advancedSecurityOptions;
}
/**
* ARN of the domain.
*
*/
@Export(name="arn", refs={String.class}, tree="[0]")
private Output arn;
/**
* @return ARN of the domain.
*
*/
public Output arn() {
return this.arn;
}
/**
* Configuration block for the Auto-Tune options of the domain. Detailed below.
*
*/
@Export(name="autoTuneOptions", refs={DomainAutoTuneOptions.class}, tree="[0]")
private Output autoTuneOptions;
/**
* @return Configuration block for the Auto-Tune options of the domain. Detailed below.
*
*/
public Output autoTuneOptions() {
return this.autoTuneOptions;
}
/**
* Configuration block for the cluster of the domain. Detailed below.
*
*/
@Export(name="clusterConfig", refs={DomainClusterConfig.class}, tree="[0]")
private Output clusterConfig;
/**
* @return Configuration block for the cluster of the domain. Detailed below.
*
*/
public Output clusterConfig() {
return this.clusterConfig;
}
/**
* Configuration block for authenticating Kibana with Cognito. Detailed below.
*
*/
@Export(name="cognitoOptions", refs={DomainCognitoOptions.class}, tree="[0]")
private Output cognitoOptions;
/**
* @return Configuration block for authenticating Kibana with Cognito. Detailed below.
*
*/
public Output> cognitoOptions() {
return Codegen.optional(this.cognitoOptions);
}
/**
* Configuration block for domain endpoint HTTP(S) related options. Detailed below.
*
*/
@Export(name="domainEndpointOptions", refs={DomainDomainEndpointOptions.class}, tree="[0]")
private Output domainEndpointOptions;
/**
* @return Configuration block for domain endpoint HTTP(S) related options. Detailed below.
*
*/
public Output domainEndpointOptions() {
return this.domainEndpointOptions;
}
/**
* Unique identifier for the domain.
*
*/
@Export(name="domainId", refs={String.class}, tree="[0]")
private Output domainId;
/**
* @return Unique identifier for the domain.
*
*/
public Output domainId() {
return this.domainId;
}
/**
* Name of the domain.
*
* The following arguments are optional:
*
*/
@Export(name="domainName", refs={String.class}, tree="[0]")
private Output domainName;
/**
* @return Name of the domain.
*
* The following arguments are optional:
*
*/
public Output domainName() {
return this.domainName;
}
/**
* Configuration block for EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/elasticsearch-service/pricing/). Detailed below.
*
*/
@Export(name="ebsOptions", refs={DomainEbsOptions.class}, tree="[0]")
private Output ebsOptions;
/**
* @return Configuration block for EBS related options, may be required based on chosen [instance size](https://aws.amazon.com/elasticsearch-service/pricing/). Detailed below.
*
*/
public Output ebsOptions() {
return this.ebsOptions;
}
/**
* Version of Elasticsearch to deploy. Defaults to `1.5`.
*
*/
@Export(name="elasticsearchVersion", refs={String.class}, tree="[0]")
private Output elasticsearchVersion;
/**
* @return Version of Elasticsearch to deploy. Defaults to `1.5`.
*
*/
public Output> elasticsearchVersion() {
return Codegen.optional(this.elasticsearchVersion);
}
/**
* Configuration block for encrypt at rest options. Only available for [certain instance types](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-supported-instance-types.html). Detailed below.
*
*/
@Export(name="encryptAtRest", refs={DomainEncryptAtRest.class}, tree="[0]")
private Output encryptAtRest;
/**
* @return Configuration block for encrypt at rest options. Only available for [certain instance types](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/aes-supported-instance-types.html). Detailed below.
*
*/
public Output encryptAtRest() {
return this.encryptAtRest;
}
/**
* Domain-specific endpoint used to submit index, search, and data upload requests.
*
*/
@Export(name="endpoint", refs={String.class}, tree="[0]")
private Output endpoint;
/**
* @return Domain-specific endpoint used to submit index, search, and data upload requests.
*
*/
public Output endpoint() {
return this.endpoint;
}
/**
* Domain-specific endpoint for kibana without https scheme.
*
*/
@Export(name="kibanaEndpoint", refs={String.class}, tree="[0]")
private Output kibanaEndpoint;
/**
* @return Domain-specific endpoint for kibana without https scheme.
*
*/
public Output kibanaEndpoint() {
return this.kibanaEndpoint;
}
/**
* Configuration block for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource. Detailed below.
*
*/
@Export(name="logPublishingOptions", refs={List.class,DomainLogPublishingOption.class}, tree="[0,1]")
private Output> logPublishingOptions;
/**
* @return Configuration block for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource. Detailed below.
*
*/
public Output>> logPublishingOptions() {
return Codegen.optional(this.logPublishingOptions);
}
/**
* Configuration block for node-to-node encryption options. Detailed below.
*
*/
@Export(name="nodeToNodeEncryption", refs={DomainNodeToNodeEncryption.class}, tree="[0]")
private Output nodeToNodeEncryption;
/**
* @return Configuration block for node-to-node encryption options. Detailed below.
*
*/
public Output nodeToNodeEncryption() {
return this.nodeToNodeEncryption;
}
/**
* Configuration block for snapshot related options. Detailed below. DEPRECATED. For domains running Elasticsearch 5.3 and later, Amazon ES takes hourly automated snapshots, making this setting irrelevant. For domains running earlier versions of Elasticsearch, Amazon ES takes daily automated snapshots.
*
*/
@Export(name="snapshotOptions", refs={DomainSnapshotOptions.class}, tree="[0]")
private Output snapshotOptions;
/**
* @return Configuration block for snapshot related options. Detailed below. DEPRECATED. For domains running Elasticsearch 5.3 and later, Amazon ES takes hourly automated snapshots, making this setting irrelevant. For domains running earlier versions of Elasticsearch, Amazon ES takes daily automated snapshots.
*
*/
public Output> snapshotOptions() {
return Codegen.optional(this.snapshotOptions);
}
/**
* Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
*/
@Export(name="tags", refs={Map.class,String.class}, tree="[0,1,1]")
private Output> tags;
/**
* @return Map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*
*/
public Output>> tags() {
return Codegen.optional(this.tags);
}
/**
* Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
*
* @deprecated
* Please use `tags` instead.
*
*/
@Deprecated /* Please use `tags` instead. */
@Export(name="tagsAll", refs={Map.class,String.class}, tree="[0,1,1]")
private Output> tagsAll;
/**
* @return Map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.
*
*/
public Output> tagsAll() {
return this.tagsAll;
}
/**
* Configuration block for VPC related options. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html#es-vpc-limitations)). Detailed below.
*
*/
@Export(name="vpcOptions", refs={DomainVpcOptions.class}, tree="[0]")
private Output vpcOptions;
/**
* @return Configuration block for VPC related options. Adding or removing this configuration forces a new resource ([documentation](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html#es-vpc-limitations)). Detailed below.
*
*/
public Output> vpcOptions() {
return Codegen.optional(this.vpcOptions);
}
/**
*
* @param name The _unique_ name of the resulting resource.
*/
public Domain(java.lang.String name) {
this(name, DomainArgs.Empty);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
*/
public Domain(java.lang.String name, @Nullable DomainArgs args) {
this(name, args, null);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
* @param options A bag of options that control this resource's behavior.
*/
public Domain(java.lang.String name, @Nullable DomainArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("aws:elasticsearch/domain:Domain", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false);
}
private Domain(java.lang.String name, Output id, @Nullable DomainState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("aws:elasticsearch/domain:Domain", name, state, makeResourceOptions(options, id), false);
}
private static DomainArgs makeArgs(@Nullable DomainArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
if (options != null && options.getUrn().isPresent()) {
return null;
}
return args == null ? DomainArgs.Empty : args;
}
private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) {
var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder()
.version(Utilities.getVersion())
.build();
return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id);
}
/**
* Get an existing Host resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state
* @param options Optional settings to control the behavior of the CustomResource.
*/
public static Domain get(java.lang.String name, Output id, @Nullable DomainState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
return new Domain(name, id, state, options);
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy