1. Packages
  2. Aiven
  3. API Docs
  4. OpenSearchAclRule
Aiven v6.7.2 published on Tuesday, Oct 31, 2023 by Pulumi

aiven.OpenSearchAclRule

Explore with Pulumi AI

aiven logo
Aiven v6.7.2 published on Tuesday, Oct 31, 2023 by Pulumi

    The OpenSearch ACL Rule resource models a single ACL Rule for an Aiven OpenSearch service.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aiven = Pulumi.Aiven;
    
    return await Deployment.RunAsync(() => 
    {
        var osUser = new Aiven.OpensearchUser("osUser", new()
        {
            Project = @var.Aiven_project_name,
            ServiceName = aiven_opensearch.Os_test.Service_name,
            Username = "documentation-user-1",
        });
    
        var osUser2 = new Aiven.OpensearchUser("osUser2", new()
        {
            Project = @var.Aiven_project_name,
            ServiceName = aiven_opensearch.Os_test.Service_name,
            Username = "documentation-user-2",
        });
    
        var osAclsConfig = new Aiven.OpenSearchAclConfig("osAclsConfig", new()
        {
            Project = @var.Aiven_project_name,
            ServiceName = aiven_opensearch.Os_test.Service_name,
            Enabled = true,
            ExtendedAcl = false,
        });
    
        var aclRules = new[]
        {
            
            {
                { "username", osUser.Username },
                { "index", "index2" },
                { "permission", "readwrite" },
            },
            
            {
                { "username", osUser.Username },
                { "index", "index3" },
                { "permission", "read" },
            },
            
            {
                { "username", osUser.Username },
                { "index", "index5" },
                { "permission", "deny" },
            },
            
            {
                { "username", osUser2.Username },
                { "index", "index3" },
                { "permission", "write" },
            },
            
            {
                { "username", osUser2.Username },
                { "index", "index7" },
                { "permission", "readwrite" },
            },
        };
    
        var osAclRule = new List<Aiven.OpenSearchAclRule>();
        foreach (var range in aclRules.Select((value, i) => new { Key = i.ToString(), Value = pair.Value }).Select(pair => new { pair.Key, pair.Value }))
        {
            osAclRule.Add(new Aiven.OpenSearchAclRule($"osAclRule-{range.Key}", new()
            {
                Project = osAclsConfig.Project,
                ServiceName = osAclsConfig.ServiceName,
                Username = range.Value.Username,
                Index = range.Value.Index,
                Permission = range.Value.Permission,
            }));
        }
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aiven/sdk/v6/go/aiven"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		osUser, err := aiven.NewOpensearchUser(ctx, "osUser", &aiven.OpensearchUserArgs{
    			Project:     pulumi.Any(_var.Aiven_project_name),
    			ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
    			Username:    pulumi.String("documentation-user-1"),
    		})
    		if err != nil {
    			return err
    		}
    		osUser2, err := aiven.NewOpensearchUser(ctx, "osUser2", &aiven.OpensearchUserArgs{
    			Project:     pulumi.Any(_var.Aiven_project_name),
    			ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
    			Username:    pulumi.String("documentation-user-2"),
    		})
    		if err != nil {
    			return err
    		}
    		osAclsConfig, err := aiven.NewOpenSearchAclConfig(ctx, "osAclsConfig", &aiven.OpenSearchAclConfigArgs{
    			Project:     pulumi.Any(_var.Aiven_project_name),
    			ServiceName: pulumi.Any(aiven_opensearch.Os_test.Service_name),
    			Enabled:     pulumi.Bool(true),
    			ExtendedAcl: pulumi.Bool(false),
    		})
    		if err != nil {
    			return err
    		}
    		aclRules := []map[string]interface{}{
    			map[string]interface{}{
    				"username":   osUser.Username,
    				"index":      "index2",
    				"permission": "readwrite",
    			},
    			map[string]interface{}{
    				"username":   osUser.Username,
    				"index":      "index3",
    				"permission": "read",
    			},
    			map[string]interface{}{
    				"username":   osUser.Username,
    				"index":      "index5",
    				"permission": "deny",
    			},
    			map[string]interface{}{
    				"username":   osUser2.Username,
    				"index":      "index3",
    				"permission": "write",
    			},
    			map[string]interface{}{
    				"username":   osUser2.Username,
    				"index":      "index7",
    				"permission": "readwrite",
    			},
    		}
    		var osAclRule []*aiven.OpenSearchAclRule
    		for key0, val0 := range "TODO: For expression" {
    			__res, err := aiven.NewOpenSearchAclRule(ctx, fmt.Sprintf("osAclRule-%v", key0), &aiven.OpenSearchAclRuleArgs{
    				Project:     osAclsConfig.Project,
    				ServiceName: osAclsConfig.ServiceName,
    				Username:    pulumi.String(val0),
    				Index:       pulumi.String(val0),
    				Permission:  pulumi.String(val0),
    			})
    			if err != nil {
    				return err
    			}
    			osAclRule = append(osAclRule, __res)
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aiven as aiven
    
    os_user = aiven.OpensearchUser("osUser",
        project=var["aiven_project_name"],
        service_name=aiven_opensearch["os_test"]["service_name"],
        username="documentation-user-1")
    os_user2 = aiven.OpensearchUser("osUser2",
        project=var["aiven_project_name"],
        service_name=aiven_opensearch["os_test"]["service_name"],
        username="documentation-user-2")
    os_acls_config = aiven.OpenSearchAclConfig("osAclsConfig",
        project=var["aiven_project_name"],
        service_name=aiven_opensearch["os_test"]["service_name"],
        enabled=True,
        extended_acl=False)
    acl_rules = [
        {
            "username": os_user.username,
            "index": "index2",
            "permission": "readwrite",
        },
        {
            "username": os_user.username,
            "index": "index3",
            "permission": "read",
        },
        {
            "username": os_user.username,
            "index": "index5",
            "permission": "deny",
        },
        {
            "username": os_user2.username,
            "index": "index3",
            "permission": "write",
        },
        {
            "username": os_user2.username,
            "index": "index7",
            "permission": "readwrite",
        },
    ]
    os_acl_rule = []
    def create_os_acl_rule(range_body):
        for range in [{"key": k, "value": v} for [k, v] in enumerate(range_body)]:
            os_acl_rule.append(aiven.OpenSearchAclRule(f"osAclRule-{range['key']}",
                project=os_acls_config.project,
                service_name=os_acls_config.service_name,
                username=range["value"]["username"],
                index=range["value"]["index"],
                permission=range["value"]["permission"]))
    
    pulumi.Output.all({i: v for i, v in acl_rules}).apply(lambda resolved_outputs: create_os_acl_rule(resolved_outputs[0]))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aiven from "@pulumi/aiven";
    
    const osUser = new aiven.OpensearchUser("osUser", {
        project: _var.aiven_project_name,
        serviceName: aiven_opensearch.os_test.service_name,
        username: "documentation-user-1",
    });
    const osUser2 = new aiven.OpensearchUser("osUser2", {
        project: _var.aiven_project_name,
        serviceName: aiven_opensearch.os_test.service_name,
        username: "documentation-user-2",
    });
    const osAclsConfig = new aiven.OpenSearchAclConfig("osAclsConfig", {
        project: _var.aiven_project_name,
        serviceName: aiven_opensearch.os_test.service_name,
        enabled: true,
        extendedAcl: false,
    });
    const aclRules = [
        {
            username: osUser.username,
            index: "index2",
            permission: "readwrite",
        },
        {
            username: osUser.username,
            index: "index3",
            permission: "read",
        },
        {
            username: osUser.username,
            index: "index5",
            permission: "deny",
        },
        {
            username: osUser2.username,
            index: "index3",
            permission: "write",
        },
        {
            username: osUser2.username,
            index: "index7",
            permission: "readwrite",
        },
    ];
    const osAclRule: aiven.OpenSearchAclRule[] = [];
    pulumi.all(aclRules.map((v, k) => [k, v]).reduce((__obj, [, ]) => ({ ...__obj, [i]: v }))).apply(rangeBody => {
        for (const range of Object.entries(rangeBody).map(([k, v]) => ({key: k, value: v}))) {
            osAclRule.push(new aiven.OpenSearchAclRule(`osAclRule-${range.key}`, {
                project: osAclsConfig.project,
                serviceName: osAclsConfig.serviceName,
                username: range.value.username,
                index: range.value.index,
                permission: range.value.permission,
            }));
        }
    });
    
    resources:
      osUser:
        type: aiven:OpensearchUser
        properties:
          project: ${var.aiven_project_name}
          serviceName: ${aiven_opensearch.os_test.service_name}
          username: documentation-user-1
      osUser2:
        type: aiven:OpensearchUser
        properties:
          project: ${var.aiven_project_name}
          serviceName: ${aiven_opensearch.os_test.service_name}
          username: documentation-user-2
      osAclsConfig:
        type: aiven:OpenSearchAclConfig
        properties:
          project: ${var.aiven_project_name}
          serviceName: ${aiven_opensearch.os_test.service_name}
          enabled: true
          extendedAcl: false
      osAclRule:
        type: aiven:OpenSearchAclRule
        properties:
          project: ${osAclsConfig.project}
          serviceName: ${osAclsConfig.serviceName}
          username: ${range.value.username}
          index: ${range.value.index}
          permission: ${range.value.permission}
        options: {}
    variables:
      aclRules:
        - username: ${osUser.username}
          index: index2
          permission: readwrite
        - username: ${osUser.username}
          index: index3
          permission: read
        - username: ${osUser.username}
          index: index5
          permission: deny
        - username: ${osUser2.username}
          index: index3
          permission: write
        - username: ${osUser2.username}
          index: index7
          permission: readwrite
    

    Create OpenSearchAclRule Resource

    new OpenSearchAclRule(name: string, args: OpenSearchAclRuleArgs, opts?: CustomResourceOptions);
    @overload
    def OpenSearchAclRule(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          index: Optional[str] = None,
                          permission: Optional[str] = None,
                          project: Optional[str] = None,
                          service_name: Optional[str] = None,
                          username: Optional[str] = None)
    @overload
    def OpenSearchAclRule(resource_name: str,
                          args: OpenSearchAclRuleArgs,
                          opts: Optional[ResourceOptions] = None)
    func NewOpenSearchAclRule(ctx *Context, name string, args OpenSearchAclRuleArgs, opts ...ResourceOption) (*OpenSearchAclRule, error)
    public OpenSearchAclRule(string name, OpenSearchAclRuleArgs args, CustomResourceOptions? opts = null)
    public OpenSearchAclRule(String name, OpenSearchAclRuleArgs args)
    public OpenSearchAclRule(String name, OpenSearchAclRuleArgs args, CustomResourceOptions options)
    
    type: aiven:OpenSearchAclRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args OpenSearchAclRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args OpenSearchAclRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args OpenSearchAclRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args OpenSearchAclRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args OpenSearchAclRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    OpenSearchAclRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The OpenSearchAclRule resource accepts the following input properties:

    Index string

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    Permission string

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    Project string

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    ServiceName string

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    Username string

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    Index string

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    Permission string

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    Project string

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    ServiceName string

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    Username string

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    index String

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    permission String

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    project String

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    serviceName String

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    username String

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    index string

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    permission string

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    project string

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    serviceName string

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    username string

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    index str

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    permission str

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    project str

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    service_name str

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    username str

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    index String

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    permission String

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    project String

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    serviceName String

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    username String

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the OpenSearchAclRule resource produces the following output properties:

    Id string

    The provider-assigned unique ID for this managed resource.

    Id string

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    id string

    The provider-assigned unique ID for this managed resource.

    id str

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    Look up Existing OpenSearchAclRule Resource

    Get an existing OpenSearchAclRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: OpenSearchAclRuleState, opts?: CustomResourceOptions): OpenSearchAclRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            index: Optional[str] = None,
            permission: Optional[str] = None,
            project: Optional[str] = None,
            service_name: Optional[str] = None,
            username: Optional[str] = None) -> OpenSearchAclRule
    func GetOpenSearchAclRule(ctx *Context, name string, id IDInput, state *OpenSearchAclRuleState, opts ...ResourceOption) (*OpenSearchAclRule, error)
    public static OpenSearchAclRule Get(string name, Input<string> id, OpenSearchAclRuleState? state, CustomResourceOptions? opts = null)
    public static OpenSearchAclRule get(String name, Output<String> id, OpenSearchAclRuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Index string

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    Permission string

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    Project string

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    ServiceName string

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    Username string

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    Index string

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    Permission string

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    Project string

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    ServiceName string

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    Username string

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    index String

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    permission String

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    project String

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    serviceName String

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    username String

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    index string

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    permission string

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    project string

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    serviceName string

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    username string

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    index str

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    permission str

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    project str

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    service_name str

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    username str

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    index String

    The index pattern for this ACL entry. Maximum length: 249. This property cannot be changed, doing so forces recreation of the resource.

    permission String

    The permissions for this ACL entry. The possible values are deny, admin, read, readwrite and write.

    project String

    Identifies the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    serviceName String

    Specifies the name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    username String

    The username for the ACL entry. Maximum length: 40. To set up proper dependencies please refer to this variable as a reference. This property cannot be changed, doing so forces recreation of the resource.

    Import

     $ pulumi import aiven:index/openSearchAclRule:OpenSearchAclRule os_acl_rule project/service_name/username/index
    

    Package Details

    Repository
    Aiven pulumi/pulumi-aiven
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the aiven Terraform Provider.

    aiven logo
    Aiven v6.7.2 published on Tuesday, Oct 31, 2023 by Pulumi