Docs
PackagesAiven v6.13.0 published on Monday, Mar 25, 2024 by Pulumi
aiven.OpenSearchAclRule
Explore with Pulumi AI
The OpenSearch ACL Rule resource models a single ACL Rule for an Aiven OpenSearch service.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aiven from "@pulumi/aiven";
const osUser = new aiven.OpensearchUser("osUser", {
project: _var.aiven_project_name,
serviceName: aiven_opensearch.os_test.service_name,
username: "documentation-user-1",
});
const osUser2 = new aiven.OpensearchUser("osUser2", {
project: _var.aiven_project_name,
serviceName: aiven_opensearch.os_test.service_name,
username: "documentation-user-2",
});
const osAclsConfig = new aiven.OpenSearchAclConfig("osAclsConfig", {
project: _var.aiven_project_name,
serviceName: aiven_opensearch.os_test.service_name,
enabled: true,
extendedAcl: false,
});
const aclRules = [
{
username: osUser.username,
index: "index2",
permission: "readwrite",
},
{
username: osUser.username,
index: "index3",
permission: "read",
},
{
username: osUser.username,
index: "index5",
permission: "deny",
},
{
username: osUser2.username,
index: "index3",
permission: "write",
},
{
username: osUser2.username,
index: "index7",
permission: "readwrite",
},
];
const osAclRule: aiven.OpenSearchAclRule[] = [];
pulumi.all(aclRules.map((v, k) => [k, v]).reduce((__obj, [, ]) => ({ ...__obj, [i]: v }))).apply(rangeBody => {
for (const range of Object.entries(rangeBody).map(([k, v]) => ({key: k, value: v}))) {
osAclRule.push(new aiven.OpenSearchAclRule(`osAclRule-${range.key}`, {
project: osAclsConfig.project,
serviceName: osAclsConfig.serviceName,
username: range.value.username,
index: range.value.index,
permission: range.value.permission,
}));
}
});
import pulumi
import pulumi_aiven as aiven
os_user = aiven.OpensearchUser("osUser",
project=var["aiven_project_name"],
service_name=aiven_opensearch["os_test"]["service_name"],
username="documentation-user-1")
os_user2 = aiven.OpensearchUser("osUser2",
project=var["aiven_project_name"],
service_name=aiven_opensearch["os_test"]["service_name"],
username="documentation-user-2")
os_acls_config = aiven.OpenSearchAclConfig("osAclsConfig",
project=var["aiven_project_name"],
service_name=aiven_opensearch["os_test"]["service_name"],
enabled=True,
extended_acl=False)
acl_rules = [
{
"username": os_user.username,
"index": "index2",
"permission": "readwrite",
},
{
"username": os_user.username,
"index": "index3",
"permission": "read",
},
{
"username": os_user.username,
"index": "index5",
"permission": "deny",
},
{
"username": os_user2.username,
"index": "index3",
"permission": "write",
},
{
"username": os_user2.username,
"index": "index7",
"permission": "readwrite",
},
]
os_acl_rule = []
def create_os_acl_rule(range_body):
for range in [{"key": k, "value": v} for [k, v] in enumerate(range_body)]:
os_acl_rule.append(aiven.OpenSearchAclRule(f"osAclRule-{range['key']}",
project=os_acls_config.project,
service_name=os_acls_config.service_name,
username=range["value"]["username"],
index=range["value"]["index"],
permission=range["value"]["permission"]))
pulumi.Output.all({i: v for i, v in acl_rules}).apply(lambda resolved_outputs: create_os_acl_rule(resolved_outputs[0]))
package main
import (
"github.com/pulumi/pulumi-aiven/sdk/v6/go/aiven"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
osUser, err := aiven.NewOpensearchUser(ctx, "osUser", &aiven.OpensearchUserArgs{
Project: pulumi.Any(_var.Aiven_project_name),
ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
Username: pulumi.String("documentation-user-1"),
})
if err != nil {
return err
}
osUser2, err := aiven.NewOpensearchUser(ctx, "osUser2", &aiven.OpensearchUserArgs{
Project: pulumi.Any(_var.Aiven_project_name),
ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
Username: pulumi.String("documentation-user-2"),
})
if err != nil {
return err
}
osAclsConfig, err := aiven.NewOpenSearchAclConfig(ctx, "osAclsConfig", &aiven.OpenSearchAclConfigArgs{
Project: pulumi.Any(_var.Aiven_project_name),
ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
Enabled: pulumi.Bool(true),
ExtendedAcl: pulumi.Bool(false),
})
if err != nil {
return err
}
aclRules := []map[string]interface{}{
map[string]interface{}{
"username": osUser.Username,
"index": "index2",
"permission": "readwrite",
},
map[string]interface{}{
"username": osUser.Username,
"index": "index3",
"permission": "read",
},
map[string]interface{}{
"username": osUser.Username,
"index": "index5",
"permission": "deny",
},
map[string]interface{}{
"username": osUser2.Username,
"index": "index3",
"permission": "write",
},
map[string]interface{}{
"username": osUser2.Username,
"index": "index7",
"permission": "readwrite",
},
}
var osAclRule []*aiven.OpenSearchAclRule
for key0, val0 := range "TODO: For expression" {
__res, err := aiven.NewOpenSearchAclRule(ctx, fmt.Sprintf("osAclRule-%v", key0), &aiven.OpenSearchAclRuleArgs{
Project: osAclsConfig.Project,
ServiceName: osAclsConfig.ServiceName,
Username: pulumi.String(val0),
Index: pulumi.String(val0),
Permission: pulumi.String(val0),
})
if err != nil {
return err
}
osAclRule = append(osAclRule, __res)
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aiven = Pulumi.Aiven;
return await Deployment.RunAsync(() =>
{
var osUser = new Aiven.OpensearchUser("osUser", new()
{
Project = @var.Aiven_project_name,
ServiceName = aiven_opensearch.Os_test.Service_name,
Username = "documentation-user-1",
});
var osUser2 = new Aiven.OpensearchUser("osUser2", new()
{
Project = @var.Aiven_project_name,
ServiceName = aiven_opensearch.Os_test.Service_name,
Username = "documentation-user-2",
});
var osAclsConfig = new Aiven.OpenSearchAclConfig("osAclsConfig", new()
{
Project = @var.Aiven_project_name,
ServiceName = aiven_opensearch.Os_test.Service_name,
Enabled = true,
ExtendedAcl = false,
});
var aclRules = new[]
{
{
{ "username", osUser.Username },
{ "index", "index2" },
{ "permission", "readwrite" },
},
{
{ "username", osUser.Username },
{ "index", "index3" },
{ "permission", "read" },
},
{
{ "username", osUser.Username },
{ "index", "index5" },
{ "permission", "deny" },
},
{
{ "username", osUser2.Username },
{ "index", "index3" },
{ "permission", "write" },
},
{
{ "username", osUser2.Username },
{ "index", "index7" },
{ "permission", "readwrite" },
},
};
var osAclRule = new List<Aiven.OpenSearchAclRule>();
foreach (var range in aclRules.Select((value, i) => new { Key = i.ToString(), Value = pair.Value }).Select(pair => new { pair.Key, pair.Value }))
{
osAclRule.Add(new Aiven.OpenSearchAclRule($"osAclRule-{range.Key}", new()
{
Project = osAclsConfig.Project,
ServiceName = osAclsConfig.ServiceName,
Username = range.Value.Username,
Index = range.Value.Index,
Permission = range.Value.Permission,
}));
}
});
Coming soon!
resources:
osUser:
type: aiven:OpensearchUser
properties:
project: ${var.aiven_project_name}
serviceName: ${aiven_opensearch.os_test.service_name}
username: documentation-user-1
osUser2:
type: aiven:OpensearchUser
properties:
project: ${var.aiven_project_name}
serviceName: ${aiven_opensearch.os_test.service_name}
username: documentation-user-2
osAclsConfig:
type: aiven:OpenSearchAclConfig
properties:
project: ${var.aiven_project_name}
serviceName: ${aiven_opensearch.os_test.service_name}
enabled: true
extendedAcl: false
osAclRule:
type: aiven:OpenSearchAclRule
properties:
project: ${osAclsConfig.project}
serviceName: ${osAclsConfig.serviceName}
username: ${range.value.username}
index: ${range.value.index}
permission: ${range.value.permission}
options: {}
variables:
aclRules:
- username: ${osUser.username}
index: index2
permission: readwrite
- username: ${osUser.username}
index: index3
permission: read
- username: ${osUser.username}
index: index5
permission: deny
- username: ${osUser2.username}
index: index3
permission: write
- username: ${osUser2.username}
index: index7
permission: readwrite
Create OpenSearchAclRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new OpenSearchAclRule(name: string, args: OpenSearchAclRuleArgs, opts?: CustomResourceOptions);@overload
def OpenSearchAclRule(resource_name: str,
args: OpenSearchAclRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def OpenSearchAclRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
index: Optional[str] = None,
permission: Optional[str] = None,
project: Optional[str] = None,
service_name: Optional[str] = None,
username: Optional[str] = None)func NewOpenSearchAclRule(ctx *Context, name string, args OpenSearchAclRuleArgs, opts ...ResourceOption) (*OpenSearchAclRule, error)public OpenSearchAclRule(string name, OpenSearchAclRuleArgs args, CustomResourceOptions? opts = null)
public OpenSearchAclRule(String name, OpenSearchAclRuleArgs args)
public OpenSearchAclRule(String name, OpenSearchAclRuleArgs args, CustomResourceOptions options)
type: aiven:OpenSearchAclRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var openSearchAclRuleResource = new Aiven.OpenSearchAclRule("openSearchAclRuleResource", new()
{
Index = "string",
Permission = "string",
Project = "string",
ServiceName = "string",
Username = "string",
});
example, err := aiven.NewOpenSearchAclRule(ctx, "openSearchAclRuleResource", &aiven.OpenSearchAclRuleArgs{
Index: pulumi.String("string"),
Permission: pulumi.String("string"),
Project: pulumi.String("string"),
ServiceName: pulumi.String("string"),
Username: pulumi.String("string"),
})
var openSearchAclRuleResource = new OpenSearchAclRule("openSearchAclRuleResource", OpenSearchAclRuleArgs.builder()
.index("string")
.permission("string")
.project("string")
.serviceName("string")
.username("string")
.build());
open_search_acl_rule_resource = aiven.OpenSearchAclRule("openSearchAclRuleResource",
index="string",
permission="string",
project="string",
service_name="string",
username="string")
const openSearchAclRuleResource = new aiven.OpenSearchAclRule("openSearchAclRuleResource", {
index: "string",
permission: "string",
project: "string",
serviceName: "string",
username: "string",
});
type: aiven:OpenSearchAclRule
properties:
index: string
permission: string
project: string
serviceName: string
username: string
OpenSearchAclRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The OpenSearchAclRule resource accepts the following input properties:
- Index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - Permission string
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - Project string
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Service
Name string - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - Permission string
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - Project string
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Service
Name string - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index String
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission String
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - project String
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name String - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username String
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission string
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - project string
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name string - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index str
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission str
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - project str
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service_
name str - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username str
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index String
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission String
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - project String
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name String - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username String
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the OpenSearchAclRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing OpenSearchAclRule Resource
Get an existing OpenSearchAclRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OpenSearchAclRuleState, opts?: CustomResourceOptions): OpenSearchAclRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
index: Optional[str] = None,
permission: Optional[str] = None,
project: Optional[str] = None,
service_name: Optional[str] = None,
username: Optional[str] = None) -> OpenSearchAclRulefunc GetOpenSearchAclRule(ctx *Context, name string, id IDInput, state *OpenSearchAclRuleState, opts ...ResourceOption) (*OpenSearchAclRule, error)public static OpenSearchAclRule Get(string name, Input<string> id, OpenSearchAclRuleState? state, CustomResourceOptions? opts = null)public static OpenSearchAclRule get(String name, Output<String> id, OpenSearchAclRuleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - Permission string
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - Project string
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Service
Name string - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - Permission string
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - Project string
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Service
Name string - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index String
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission String
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - project String
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name String - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username String
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission string
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - project string
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name string - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index str
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission str
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - project str
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service_
name str - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username str
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index String
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission String
- The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite. - project String
- Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name String - Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username String
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
Import
$ pulumi import aiven:index/openSearchAclRule:OpenSearchAclRule os_acl_rule project/service_name/username/index
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Aiven pulumi/pulumi-aiven
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aivenTerraform Provider.