Docs
Packagesaiven.OpenSearchAclRule
Explore with Pulumi AI
The OpenSearch ACL Rule resource models a single ACL Rule for an Aiven OpenSearch service.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aiven = Pulumi.Aiven;
return await Deployment.RunAsync(() =>
{
var osUser = new Aiven.OpensearchUser("osUser", new()
{
Project = @var.Aiven_project_name,
ServiceName = aiven_opensearch.Os_test.Service_name,
Username = "documentation-user-1",
});
var osUser2 = new Aiven.OpensearchUser("osUser2", new()
{
Project = @var.Aiven_project_name,
ServiceName = aiven_opensearch.Os_test.Service_name,
Username = "documentation-user-2",
});
var osAclsConfig = new Aiven.OpenSearchAclConfig("osAclsConfig", new()
{
Project = @var.Aiven_project_name,
ServiceName = aiven_opensearch.Os_test.Service_name,
Enabled = true,
ExtendedAcl = false,
});
var aclRules = new[]
{
{
{ "username", osUser.Username },
{ "index", "index2" },
{ "permission", "readwrite" },
},
{
{ "username", osUser.Username },
{ "index", "index3" },
{ "permission", "read" },
},
{
{ "username", osUser.Username },
{ "index", "index5" },
{ "permission", "deny" },
},
{
{ "username", osUser2.Username },
{ "index", "index3" },
{ "permission", "write" },
},
{
{ "username", osUser2.Username },
{ "index", "index7" },
{ "permission", "readwrite" },
},
};
var osAclRule = new List<Aiven.OpenSearchAclRule>();
foreach (var range in aclRules.Select((value, i) => new { Key = i.ToString(), Value = pair.Value }).Select(pair => new { pair.Key, pair.Value }))
{
osAclRule.Add(new Aiven.OpenSearchAclRule($"osAclRule-{range.Key}", new()
{
Project = osAclsConfig.Project,
ServiceName = osAclsConfig.ServiceName,
Username = range.Value.Username,
Index = range.Value.Index,
Permission = range.Value.Permission,
}));
}
});
package main
import (
"github.com/pulumi/pulumi-aiven/sdk/v6/go/aiven"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
osUser, err := aiven.NewOpensearchUser(ctx, "osUser", &aiven.OpensearchUserArgs{
Project: pulumi.Any(_var.Aiven_project_name),
ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
Username: pulumi.String("documentation-user-1"),
})
if err != nil {
return err
}
osUser2, err := aiven.NewOpensearchUser(ctx, "osUser2", &aiven.OpensearchUserArgs{
Project: pulumi.Any(_var.Aiven_project_name),
ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
Username: pulumi.String("documentation-user-2"),
})
if err != nil {
return err
}
osAclsConfig, err := aiven.NewOpenSearchAclConfig(ctx, "osAclsConfig", &aiven.OpenSearchAclConfigArgs{
Project: pulumi.Any(_var.Aiven_project_name),
ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
Enabled: pulumi.Bool(true),
ExtendedAcl: pulumi.Bool(false),
})
if err != nil {
return err
}
aclRules := []map[string]interface{}{
map[string]interface{}{
"username": osUser.Username,
"index": "index2",
"permission": "readwrite",
},
map[string]interface{}{
"username": osUser.Username,
"index": "index3",
"permission": "read",
},
map[string]interface{}{
"username": osUser.Username,
"index": "index5",
"permission": "deny",
},
map[string]interface{}{
"username": osUser2.Username,
"index": "index3",
"permission": "write",
},
map[string]interface{}{
"username": osUser2.Username,
"index": "index7",
"permission": "readwrite",
},
}
var osAclRule []*aiven.OpenSearchAclRule
for key0, val0 := range "TODO: For expression" {
__res, err := aiven.NewOpenSearchAclRule(ctx, fmt.Sprintf("osAclRule-%v", key0), &aiven.OpenSearchAclRuleArgs{
Project: osAclsConfig.Project,
ServiceName: osAclsConfig.ServiceName,
Username: pulumi.String(val0),
Index: pulumi.String(val0),
Permission: pulumi.String(val0),
})
if err != nil {
return err
}
osAclRule = append(osAclRule, __res)
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aiven as aiven
os_user = aiven.OpensearchUser("osUser",
project=var["aiven_project_name"],
service_name=aiven_opensearch["os_test"]["service_name"],
username="documentation-user-1")
os_user2 = aiven.OpensearchUser("osUser2",
project=var["aiven_project_name"],
service_name=aiven_opensearch["os_test"]["service_name"],
username="documentation-user-2")
os_acls_config = aiven.OpenSearchAclConfig("osAclsConfig",
project=var["aiven_project_name"],
service_name=aiven_opensearch["os_test"]["service_name"],
enabled=True,
extended_acl=False)
acl_rules = [
{
"username": os_user.username,
"index": "index2",
"permission": "readwrite",
},
{
"username": os_user.username,
"index": "index3",
"permission": "read",
},
{
"username": os_user.username,
"index": "index5",
"permission": "deny",
},
{
"username": os_user2.username,
"index": "index3",
"permission": "write",
},
{
"username": os_user2.username,
"index": "index7",
"permission": "readwrite",
},
]
os_acl_rule = []
def create_os_acl_rule(range_body):
for range in [{"key": k, "value": v} for [k, v] in enumerate(range_body)]:
os_acl_rule.append(aiven.OpenSearchAclRule(f"osAclRule-{range['key']}",
project=os_acls_config.project,
service_name=os_acls_config.service_name,
username=range["value"]["username"],
index=range["value"]["index"],
permission=range["value"]["permission"]))
pulumi.Output.all({i: v for i, v in acl_rules}).apply(lambda resolved_outputs: create_os_acl_rule(resolved_outputs[0]))
import * as pulumi from "@pulumi/pulumi";
import * as aiven from "@pulumi/aiven";
const osUser = new aiven.OpensearchUser("osUser", {
project: _var.aiven_project_name,
serviceName: aiven_opensearch.os_test.service_name,
username: "documentation-user-1",
});
const osUser2 = new aiven.OpensearchUser("osUser2", {
project: _var.aiven_project_name,
serviceName: aiven_opensearch.os_test.service_name,
username: "documentation-user-2",
});
const osAclsConfig = new aiven.OpenSearchAclConfig("osAclsConfig", {
project: _var.aiven_project_name,
serviceName: aiven_opensearch.os_test.service_name,
enabled: true,
extendedAcl: false,
});
const aclRules = [
{
username: osUser.username,
index: "index2",
permission: "readwrite",
},
{
username: osUser.username,
index: "index3",
permission: "read",
},
{
username: osUser.username,
index: "index5",
permission: "deny",
},
{
username: osUser2.username,
index: "index3",
permission: "write",
},
{
username: osUser2.username,
index: "index7",
permission: "readwrite",
},
];
const osAclRule: aiven.OpenSearchAclRule[] = [];
pulumi.all(aclRules.map((v, k) => [k, v]).reduce((__obj, [, ]) => ({ ...__obj, [i]: v }))).apply(rangeBody => {
for (const range of Object.entries(rangeBody).map(([k, v]) => ({key: k, value: v}))) {
osAclRule.push(new aiven.OpenSearchAclRule(`osAclRule-${range.key}`, {
project: osAclsConfig.project,
serviceName: osAclsConfig.serviceName,
username: range.value.username,
index: range.value.index,
permission: range.value.permission,
}));
}
});
resources:
osUser:
type: aiven:OpensearchUser
properties:
project: ${var.aiven_project_name}
serviceName: ${aiven_opensearch.os_test.service_name}
username: documentation-user-1
osUser2:
type: aiven:OpensearchUser
properties:
project: ${var.aiven_project_name}
serviceName: ${aiven_opensearch.os_test.service_name}
username: documentation-user-2
osAclsConfig:
type: aiven:OpenSearchAclConfig
properties:
project: ${var.aiven_project_name}
serviceName: ${aiven_opensearch.os_test.service_name}
enabled: true
extendedAcl: false
osAclRule:
type: aiven:OpenSearchAclRule
properties:
project: ${osAclsConfig.project}
serviceName: ${osAclsConfig.serviceName}
username: ${range.value.username}
index: ${range.value.index}
permission: ${range.value.permission}
options: {}
variables:
aclRules:
- username: ${osUser.username}
index: index2
permission: readwrite
- username: ${osUser.username}
index: index3
permission: read
- username: ${osUser.username}
index: index5
permission: deny
- username: ${osUser2.username}
index: index3
permission: write
- username: ${osUser2.username}
index: index7
permission: readwrite
Create OpenSearchAclRule Resource
new OpenSearchAclRule(name: string, args: OpenSearchAclRuleArgs, opts?: CustomResourceOptions);@overload
def OpenSearchAclRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
index: Optional[str] = None,
permission: Optional[str] = None,
project: Optional[str] = None,
service_name: Optional[str] = None,
username: Optional[str] = None)
@overload
def OpenSearchAclRule(resource_name: str,
args: OpenSearchAclRuleArgs,
opts: Optional[ResourceOptions] = None)func NewOpenSearchAclRule(ctx *Context, name string, args OpenSearchAclRuleArgs, opts ...ResourceOption) (*OpenSearchAclRule, error)public OpenSearchAclRule(string name, OpenSearchAclRuleArgs args, CustomResourceOptions? opts = null)
public OpenSearchAclRule(String name, OpenSearchAclRuleArgs args)
public OpenSearchAclRule(String name, OpenSearchAclRuleArgs args, CustomResourceOptions options)
type: aiven:OpenSearchAclRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
OpenSearchAclRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The OpenSearchAclRule resource accepts the following input properties:
- Index string
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- Permission string
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- Project string
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Service
Name string Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Username string
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Index string
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- Permission string
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- Project string
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Service
Name string Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Username string
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- index String
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- permission String
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- project String
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- service
Name String Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- username String
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- index string
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- permission string
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- project string
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- service
Name string Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- username string
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- index str
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- permission str
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- project str
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- service_
name str Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- username str
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- index String
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- permission String
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- project String
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- service
Name String Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- username String
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the OpenSearchAclRule resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing OpenSearchAclRule Resource
Get an existing OpenSearchAclRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OpenSearchAclRuleState, opts?: CustomResourceOptions): OpenSearchAclRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
index: Optional[str] = None,
permission: Optional[str] = None,
project: Optional[str] = None,
service_name: Optional[str] = None,
username: Optional[str] = None) -> OpenSearchAclRulefunc GetOpenSearchAclRule(ctx *Context, name string, id IDInput, state *OpenSearchAclRuleState, opts ...ResourceOption) (*OpenSearchAclRule, error)public static OpenSearchAclRule Get(string name, Input<string> id, OpenSearchAclRuleState? state, CustomResourceOptions? opts = null)public static OpenSearchAclRule get(String name, Output<String> id, OpenSearchAclRuleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Index string
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- Permission string
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- Project string
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Service
Name string Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Username string
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Index string
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- Permission string
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- Project string
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Service
Name string Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- Username string
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- index String
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- permission String
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- project String
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- service
Name String Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- username String
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- index string
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- permission string
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- project string
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- service
Name string Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- username string
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- index str
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- permission str
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- project str
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- service_
name str Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- username str
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- index String
The index pattern for this ACL entry. Maximum length:
249. This property cannot be changed, doing so forces recreation of the resource.- permission String
The permissions for this ACL entry. The possible values are
deny,admin,read,readwriteandwrite.- project String
Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- service
Name String Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
- username String
The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.
Import
$ pulumi import aiven:index/openSearchAclRule:OpenSearchAclRule os_acl_rule project/service_name/username/index
Package Details
- Repository
- Aiven pulumi/pulumi-aiven
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
aivenTerraform Provider.