elasticsearch_domain#

State module for managing Amazon Elasticsearch Service Domain

async idem_aws.states.aws.es.elasticsearch_domain.present(hub, ctx, name: str, domain_name: str, elastic_search_version: str, perform_check_only: bool = None, elastic_search_cluster_config: ~types.Configuration to specify the instance type and number of instances in the domain cluster.ElasticsearchClusterConfig = None, ebs_options: ~types.Options to enable, disable and specify the type and size of EBS storage volumes.EBSOptions = None, access_policies: str = None, snapshot_options: ~types.Option to set time, in UTC format, of the daily automated snapshot. Default value is 0 hours.SnapshotOptions = None, vpc_options: ~types.Options to specify the subnets and security groups for VPC endpointVPCOptions = None, cognito_options: ~types.Options to specify the Cognito user and identity pools for Kibana authentication.CognitoOptions = None, encryption_at_rest_options: ~types.Encryption At Rest Options.EncryptionAtRestOptions = None, node_to_node_encryption_options: ~types.Specifies the NodeToNodeEncryptionOptions.NodeToNodeEncryptionOptions = None, advanced_options: ~typing.Dict[str, str] = None, log_publishing_options: ~typing.Dict[str, ~typing.Any] = None, domain_endpoint_options: ~types.Options to specify configuration that will be applied to the domain endpoint.DomainEndpointOptions = None, advanced_security_options: ~types.Specify advanced security options.AdvancedSecurityOptions = None, auto_tune_options: ~types.Specifies Auto-Tune options.AutoTuneOptions = None, dry_run: bool = None, tags: ~typing.Dict[str, str] = None, timeout: ~types.Timeout = None, resource_id: str = None) Dict[str, Any][source]#

Creates a new Elasticsearch domain.

Parameters:
  • name (str) – An Idem name of the resource.

  • domain_name (str) – The name of the Elasticsearch domain that you are creating. Domain names are unique across the domains owned by an account within an AWS region. Domain names must start with a lowercase letter and can contain the following characters: a-z (lowercase), 0-9, and - (hyphen).

  • elastic_search_version (str) – String of format X.Y to specify version for the Elasticsearch domain eg. “1.5” or “2.3”.

  • perform_check_only (bool) –

    This flag, when set to True, indicates that an Upgrade Eligibility Check needs to be performed. This will not actually perform the Upgrade.

    Note

    This property can only be applied when elastic_search_version is upgraded

  • elastic_search_cluster_config (dict, Optional) –

    Configuration options for an Elasticsearch domain. Specifies the instance type and number of instances in the domain cluster.
    • InstanceType(str, Optional): The instance type for an Elasticsearch cluster. UltraWarm instance types are not supported for data instances.

    • InstanceCount(int, Optional): The number of instances in the specified domain cluster.

    • DedicatedMasterEnabled(bool, Optional): A boolean value to indicate whether a dedicated master node is enabled.

    • ZoneAwarenessEnabled(bool, Optional): A boolean value to indicate whether zone awareness is enabled.

    • ZoneAwarenessConfig(dict, Optional):
      Specifies the zone awareness configuration for a domain when zone awareness is enabled.
      • AvailabilityZoneCount(int, Optional): An integer value to indicate the number of availability zones for a domain when zone awareness is enabled. This should be equal to number of subnets if VPC endpoints is enabled

    • DedicatedMasterType(str, Optional): The instance type for a dedicated master node.

    • DedicatedMasterCount(int, Optional): Total number of dedicated master nodes, active and on standby, for the cluster.

    • WarmEnabled(bool, Optional): True to enable warm storage.

    • WarmType(str, Optional): The instance type for the Elasticsearch cluster’s warm nodes.

    • WarmCount(int, Optional): The number of warm nodes in the cluster.

    • ColdStorageOptions(dict, Optional):
      Specifies the ColdStorageOptions config for Elasticsearch Domain
      • Enabled(bool): Enable cold storage option. Accepted values true or false

  • ebs_options (dict, Optional) –

    Options to enable, disable and specify the type and size of EBS storage volumes.
    • EBSEnabled(bool, Optional): Specifies whether EBS-based storage is enabled.

    • VolumeType(str, Optional): Specifies the volume type for EBS-based storage.

    • VolumeSize(int, Optional): Integer to specify the size of an EBS volume.

    • Iops(int, Optional): Specifies the IOPS for Provisioned IOPS And GP3 EBS volume (SSD).

    • Throughput(int, Optional): Specifies the Throughput for GP3 EBS volume (SSD).

  • access_policies (str, Optional) – IAM access policy as a JSON-formatted string.

  • snapshot_options (dict, Optional) –

    Option to set time, in UTC format, of the daily automated snapshot. Default value is 0 hours.
    • AutomatedSnapshotStartHour(int, Optional): Specifies the time, in UTC format, when the service takes a daily automated snapshot of the specified Elasticsearch domain. Default value is 0 hours.

  • vpc_options (dict, Optional) –

    Options to specify the subnets and security groups for VPC endpoint.
    • SubnetIds (list[str], Optional): Specifies the subnets for VPC endpoint.

    • SecurityGroupIds (list[str], Optional): Specifies the security groups for VPC endpoint.

  • cognito_options (dict, Optional) –

    Options to specify the Cognito user and identity pools for Kibana authentication.
    • Enabled(bool, Optional): Specifies the option to enable Cognito for Kibana authentication.

    • UserPoolId(str, Optional): Specifies the Cognito user pool ID for Kibana authentication.

    • IdentityPoolId(str, Optional): Specifies the Cognito identity pool ID for Kibana authentication.

    • RoleArn(str, Optional): Specifies the role ARN that provides Elasticsearch permissions for accessing Cognito resources.

  • encryption_at_rest_options (dict, Optional) –

    Specifies the Encryption At Rest Options.
    • Enabled(bool, Optional): Specifies the option to enable Encryption At Rest.

    • KmsKeyId(str, Optional): Specifies the KMS Key ID for Encryption At Rest options.

  • node_to_node_encryption_options (dict, Optional) –

    Specifies the NodeToNodeEncryptionOptions.
    • Enabled(bool, Optional): Specify true to enable node-to-node encryption.

  • advanced_options (dict, Optional) – Option to allow references to indices in an HTTP request body. Must be false when configuring access to individual sub-resources. By default, the value is true.

  • log_publishing_options (dict, Optional) – Map of LogType and LogPublishingOption , each containing options to publish a given type of Elasticsearch log. Type of Log File, it can be one of the following: * INDEX_SLOW_LOGS: Index slow logs contain insert requests that took more time than configured index query log threshold to execute. * SEARCH_SLOW_LOGS: Search slow logs contain search queries that took more time than configured search query log threshold to execute. * ES_APPLICATION_LOGS: Elasticsearch application logs contain information about errors and warnings raised during the operation of the service and can be useful for troubleshooting. * AUDIT_LOGS: Audit logs contain records of user requests for access from the domain. Log Publishing option that is set for given domain. Attributes and their details: * CloudWatchLogsLogGroupArn: ARN of the Cloudwatch log group to which log needs to be published. * Enabled: Specifies whether given log publishing option is enabled or not.

  • domain_endpoint_options (dict, Optional) –

    Options to specify configuration that will be applied to the domain endpoint.
    • EnforceHTTPS(bool, Optional): Specify if only HTTPS endpoint should be enabled for the Elasticsearch domain.

    • TLSSecurityPolicy(str, Optional):
      Specify the TLS security policy that needs to be applied to the HTTPS endpoint of Elasticsearch domain. It can be one of the following values:

      Policy-Min-TLS-1-0-2019-07: TLS security policy which supports TLSv1.0 and higher. Policy-Min-TLS-1-2-2019-07: TLS security policy which supports only TLSv1.2

    • CustomEndpointEnabled(bool, Optional): Specify if custom endpoint should be enabled for the Elasticsearch domain.

    • CustomEndpoint(str, Optional): Specify the fully qualified domain for your custom endpoint.

    • CustomEndpointCertificateArn(str, Optional): Specify ACM certificate ARN for your custom endpoint..

  • advanced_security_options (dict, Optional) –

    Specifies advanced security options.
    • Enabled(bool, Optional): True if advanced security is enabled.

    • InternalUserDatabaseEnabled(bool, Optional): True if the internal user database is enabled.

    • MasterUserOptions(dict, Optional):
      Credentials for the master user: username and password, ARN, or both.
      • MasterUserARN(str, Optional): ARN for the master user (if IAM is enabled).

      • MasterUserName(str, Optional): The master user’s username, which is stored in the Amazon Elasticsearch Service domain’s internal database.

      • MasterUserPassword(str, Optional): The master user’s password, which is stored in the Amazon Elasticsearch Service domain’s internal database.

    • SAMLOptions(dict, Optional):
      Specifies the SAML application configuration for the domain.
      • Enabled(bool, Optional): True if SAML is enabled.

      • Idp(dict, Optional):
        Specifies the SAML Identity Provider’s information.
        • MetadataContent(str): The Metadata of the SAML application in xml format.

        • EntityId(str): The unique Entity ID of the application in SAML Identity Provider.

      • MasterUserName(str, Optional): The SAML master username, which is stored in the Amazon Elasticsearch Service domain’s internal database.

      • MasterBackendRole(str, Optional): The backend role to which the SAML master user is mapped to.

      • SubjectKey(str, Optional): The key to use for matching the SAML Subject attribute.

      • MasterUserName(str, Optional): The SAML master username, which is stored in the Amazon Elasticsearch Service domain’s internal database.

      • MasterBackendRole(str, Optional): The backend role to which the SAML master user is mapped to.

      • SubjectKey(str, Optional): The key to use for matching the SAML Subject attribute.

      • RolesKey(str, Optional): The key to use for matching the SAML Roles attribute

      • SessionTimeoutMinutes(int, Optional): The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.

    • AnonymousAuthEnabled(bool, Optional): True if Anonymous auth is enabled. Anonymous auth can be enabled only when AdvancedSecurity is enabled on existing domains.

  • auto_tune_options (dict, Optional) –

    Specifies Auto-Tune options.
    • DesiredState(str, Optional): Specifies the Auto-Tune desired state. Valid values are ENABLED, DISABLED.

    • RollbackOnDisable(str, Optional):

      Specifies the rollback state while disabling Auto-Tune for the domain. Valid values are NO_ROLLBACK, DEFAULT_ROLLBACK.

      Note

      This property is only applied on Update of the resource

    • MaintenanceSchedules(list[dict[str, Any]], Optional):
      Specifies list of maintenance schedules.
      • StartAt(datetime, Optional): Specifies timestamp at which Auto-Tune maintenance schedule start.

      • Duration(dict, Optional):
        Specifies maintenance schedule duration: duration value and duration unit.
        • Value(int, Optional): Integer to specify the value of a maintenance schedule duration.

        • Unit(str, Optional): Specifies the unit of a maintenance schedule duration. Valid value is HOURS.

      • CronExpressionForRecurrence(str, Optional): Specifies cron expression for a recurring maintenance schedule.

  • dry_run (bool, Optional) –

    This flag, when set to True, specifies whether the update request should return the results of validation checks without actually applying the change. This will not actually perform the Update.

    Note

    This property is only applied on Update of the resource

  • tags (dict, Optional) – Dict in the format of {tag-key: tag-value} Tag keys must be unique for the Elasticsearch domain to which they are attached. Tag values can be null and do not have to be unique in a tag set. For example, you can have a key value pair in a tag set of project : Trinity and cost-center : Trinity Defaults to None.

  • timeout (dict, Optional) –

    Timeout configuration for create/update of AWS Elasticsearch domain
    • create(dict, Optional):
      Timeout configuration for creating AWS Elasticsearch domain
      • delay(int, Optional): The amount of time in seconds to wait between attempts. Default value is 30.

      • max_attempts(int, Optional): Customized timeout configuration containing delay and max attempts. Default value is 60.

    • update(dict, Optional):
      Timeout configuration for updating AWS Elasticsearch domain
      • delay(int, Optional): The amount of time in seconds to wait between attempts. Default value is 30.

      • max_attempts(int, Optional): Customized timeout configuration containing delay and max attempts. Default value is 60.

  • resource_id (str, Optional) – The name of the Elasticsearch domain. Defaults to None.

Returns:

Dict[str, Any]

Examples

resource_is_present:
     aws.es.elasticsearch_domain.present:
       - name: value
       - domain_name: value
       - elastic_search_version: value
async idem_aws.states.aws.es.elasticsearch_domain.absent(hub, ctx, name: str, resource_id: str = None, timeout: ~types.Specifies timeout for deletion of domain.Timeout = None) Dict[str, Any][source]#

Deletes the specified Elasticsearch domain and all of its data. Once a domain is deleted, it cannot be recovered.

Parameters:
  • name (str) – An Idem name of the resource.

  • resource_id (str, Optional) – The name of the domain. Idem automatically considers this resource being absent if this field is not specified.

  • timeout (Dict, Optional) –

    Timeout configuration for AWS Elasticsearch domain
    • delete(Dict, Optional):
      Timeout configuration when deleting an AWS Elasticsearch domain
      • delay(int, Optional) – The amount of time in seconds to wait between attempts. Default value is 30.

      • max_attempts(int, Optional) – Max attempts of waiting for change. Default value is 60.

Returns:

Dict[str, Any]

Examples

test-domain-name:
  aws.es.elasticsearch_domain.absent:
    - name: test-domain-name
    - resource_id: test-domain-name
async idem_aws.states.aws.es.elasticsearch_domain.describe(hub, ctx) Dict[str, Dict[str, Any]][source]#

Retrieves a list of domain configuration information of type “Elasticsearch”

Returns:

Dict[str, Dict[str, Any]]

Examples

$ idem describe aws.es.elasticsearch_domain