Docs Home
Aiven v6.37.0 published on Thursday, Apr 10, 2025 by Pulumi
aiven.OpenSearchAclRule
Explore with Pulumi AI
The OpenSearch ACL Rule resource models a single ACL Rule for an Aiven OpenSearch service.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aiven from "@pulumi/aiven";
const osUser = new aiven.OpensearchUser("os_user", {
project: aivenProjectName,
serviceName: osTest.serviceName,
username: "documentation-user-1",
});
const osUser2 = new aiven.OpensearchUser("os_user_2", {
project: aivenProjectName,
serviceName: osTest.serviceName,
username: "documentation-user-2",
});
const osAclsConfig = new aiven.OpenSearchAclConfig("os_acls_config", {
project: aivenProjectName,
serviceName: osTest.serviceName,
enabled: true,
extendedAcl: false,
});
const aclRules = [
{
username: osUser.username,
index: "index2",
permission: "readwrite",
},
{
username: osUser.username,
index: "index3",
permission: "read",
},
{
username: osUser.username,
index: "index5",
permission: "deny",
},
{
username: osUser2.username,
index: "index3",
permission: "write",
},
{
username: osUser2.username,
index: "index7",
permission: "readwrite",
},
];
const osAclRule: aiven.OpenSearchAclRule[] = [];
pulumi.all(aclRules.map((v, k) => [k, v]).reduce((__obj, [i, v]) => ({ ...__obj, [i]: v }))).apply(rangeBody => {
for (const range of Object.entries(rangeBody).map(([k, v]) => ({key: k, value: v}))) {
osAclRule.push(new aiven.OpenSearchAclRule(`os_acl_rule-${range.key}`, {
project: osAclsConfig.project,
serviceName: osAclsConfig.serviceName,
username: range.value.username,
index: range.value.index,
permission: range.value.permission,
}));
}
});
import pulumi
import pulumi_aiven as aiven
os_user = aiven.OpensearchUser("os_user",
project=aiven_project_name,
service_name=os_test["serviceName"],
username="documentation-user-1")
os_user2 = aiven.OpensearchUser("os_user_2",
project=aiven_project_name,
service_name=os_test["serviceName"],
username="documentation-user-2")
os_acls_config = aiven.OpenSearchAclConfig("os_acls_config",
project=aiven_project_name,
service_name=os_test["serviceName"],
enabled=True,
extended_acl=False)
acl_rules = [
{
"username": os_user.username,
"index": "index2",
"permission": "readwrite",
},
{
"username": os_user.username,
"index": "index3",
"permission": "read",
},
{
"username": os_user.username,
"index": "index5",
"permission": "deny",
},
{
"username": os_user2.username,
"index": "index3",
"permission": "write",
},
{
"username": os_user2.username,
"index": "index7",
"permission": "readwrite",
},
]
os_acl_rule = []
def create_os_acl_rule(range_body):
for range in [{"key": k, "value": v} for [k, v] in enumerate(range_body)]:
os_acl_rule.append(aiven.OpenSearchAclRule(f"os_acl_rule-{range['key']}",
project=os_acls_config.project.apply(lambda project: project),
service_name=os_acls_config.service_name.apply(lambda service_name: service_name),
username=range["value"]["username"],
index=range["value"]["index"],
permission=range["value"]["permission"]))
pulumi.Output.all({i: v for i, v in acl_rules}).apply(lambda resolved_outputs: create_os_acl_rule(resolved_outputs[0]))
Coming soon!
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aiven = Pulumi.Aiven;
return await Deployment.RunAsync(() =>
{
var osUser = new Aiven.OpensearchUser("os_user", new()
{
Project = aivenProjectName,
ServiceName = osTest.ServiceName,
Username = "documentation-user-1",
});
var osUser2 = new Aiven.OpensearchUser("os_user_2", new()
{
Project = aivenProjectName,
ServiceName = osTest.ServiceName,
Username = "documentation-user-2",
});
var osAclsConfig = new Aiven.OpenSearchAclConfig("os_acls_config", new()
{
Project = aivenProjectName,
ServiceName = osTest.ServiceName,
Enabled = true,
ExtendedAcl = false,
});
var aclRules = new[]
{
{
{ "username", osUser.Username },
{ "index", "index2" },
{ "permission", "readwrite" },
},
{
{ "username", osUser.Username },
{ "index", "index3" },
{ "permission", "read" },
},
{
{ "username", osUser.Username },
{ "index", "index5" },
{ "permission", "deny" },
},
{
{ "username", osUser2.Username },
{ "index", "index3" },
{ "permission", "write" },
},
{
{ "username", osUser2.Username },
{ "index", "index7" },
{ "permission", "readwrite" },
},
};
var osAclRule = new List<Aiven.OpenSearchAclRule>();
foreach (var range in aclRules.Select((value, i) => new { Key = i.ToString(), Value = pair.Value }).Select(pair => new { pair.Key, pair.Value }))
{
osAclRule.Add(new Aiven.OpenSearchAclRule($"os_acl_rule-{range.Key}", new()
{
Project = osAclsConfig.Project,
ServiceName = osAclsConfig.ServiceName,
Username = range.Value.Username,
Index = range.Value.Index,
Permission = range.Value.Permission,
}));
}
});
Coming soon!
resources:
osUser:
type: aiven:OpensearchUser
name: os_user
properties:
project: ${aivenProjectName}
serviceName: ${osTest.serviceName}
username: documentation-user-1
osUser2:
type: aiven:OpensearchUser
name: os_user_2
properties:
project: ${aivenProjectName}
serviceName: ${osTest.serviceName}
username: documentation-user-2
osAclsConfig:
type: aiven:OpenSearchAclConfig
name: os_acls_config
properties:
project: ${aivenProjectName}
serviceName: ${osTest.serviceName}
enabled: true
extendedAcl: false
osAclRule:
type: aiven:OpenSearchAclRule
name: os_acl_rule
properties:
project: ${osAclsConfig.project}
serviceName: ${osAclsConfig.serviceName}
username: ${range.value.username}
index: ${range.value.index}
permission: ${range.value.permission}
options: {}
variables:
aclRules:
- username: ${osUser.username}
index: index2
permission: readwrite
- username: ${osUser.username}
index: index3
permission: read
- username: ${osUser.username}
index: index5
permission: deny
- username: ${osUser2.username}
index: index3
permission: write
- username: ${osUser2.username}
index: index7
permission: readwrite
Create OpenSearchAclRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new OpenSearchAclRule(name: string, args: OpenSearchAclRuleArgs, opts?: CustomResourceOptions);@overload
def OpenSearchAclRule(resource_name: str,
args: OpenSearchAclRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def OpenSearchAclRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
index: Optional[str] = None,
permission: Optional[str] = None,
project: Optional[str] = None,
service_name: Optional[str] = None,
username: Optional[str] = None)func NewOpenSearchAclRule(ctx *Context, name string, args OpenSearchAclRuleArgs, opts ...ResourceOption) (*OpenSearchAclRule, error)public OpenSearchAclRule(string name, OpenSearchAclRuleArgs args, CustomResourceOptions? opts = null)
public OpenSearchAclRule(String name, OpenSearchAclRuleArgs args)
public OpenSearchAclRule(String name, OpenSearchAclRuleArgs args, CustomResourceOptions options)
type: aiven:OpenSearchAclRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args OpenSearchAclRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var openSearchAclRuleResource = new Aiven.OpenSearchAclRule("openSearchAclRuleResource", new()
{
Index = "string",
Permission = "string",
Project = "string",
ServiceName = "string",
Username = "string",
});
example, err := aiven.NewOpenSearchAclRule(ctx, "openSearchAclRuleResource", &aiven.OpenSearchAclRuleArgs{
Index: pulumi.String("string"),
Permission: pulumi.String("string"),
Project: pulumi.String("string"),
ServiceName: pulumi.String("string"),
Username: pulumi.String("string"),
})
var openSearchAclRuleResource = new OpenSearchAclRule("openSearchAclRuleResource", OpenSearchAclRuleArgs.builder()
.index("string")
.permission("string")
.project("string")
.serviceName("string")
.username("string")
.build());
open_search_acl_rule_resource = aiven.OpenSearchAclRule("openSearchAclRuleResource",
index="string",
permission="string",
project="string",
service_name="string",
username="string")
const openSearchAclRuleResource = new aiven.OpenSearchAclRule("openSearchAclRuleResource", {
index: "string",
permission: "string",
project: "string",
serviceName: "string",
username: "string",
});
type: aiven:OpenSearchAclRule
properties:
index: string
permission: string
project: string
serviceName: string
username: string
OpenSearchAclRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The OpenSearchAclRule resource accepts the following input properties:
- Index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - Permission string
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - Project string
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Service
Name string - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - Permission string
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - Project string
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Service
Name string - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index String
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission String
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - project String
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name String - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username String
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission string
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - project string
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name string - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index str
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission str
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - project str
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service_
name str - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username str
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index String
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission String
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - project String
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name String - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username String
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the OpenSearchAclRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing OpenSearchAclRule Resource
Get an existing OpenSearchAclRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: OpenSearchAclRuleState, opts?: CustomResourceOptions): OpenSearchAclRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
index: Optional[str] = None,
permission: Optional[str] = None,
project: Optional[str] = None,
service_name: Optional[str] = None,
username: Optional[str] = None) -> OpenSearchAclRulefunc GetOpenSearchAclRule(ctx *Context, name string, id IDInput, state *OpenSearchAclRuleState, opts ...ResourceOption) (*OpenSearchAclRule, error)public static OpenSearchAclRule Get(string name, Input<string> id, OpenSearchAclRuleState? state, CustomResourceOptions? opts = null)public static OpenSearchAclRule get(String name, Output<String> id, OpenSearchAclRuleState state, CustomResourceOptions options)resources: _: type: aiven:OpenSearchAclRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - Permission string
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - Project string
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Service
Name string - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - Permission string
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - Project string
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Service
Name string - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- Username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index String
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission String
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - project String
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name String - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username String
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index string
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission string
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - project string
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name string - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username string
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index str
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission str
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - project str
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service_
name str - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username str
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- index String
- The index pattern for this ACL entry. Maximum length:
249. Changing this property forces recreation of the resource. - permission String
- The permissions for this ACL entry. The possible values are
admin,deny,read,readwriteandwrite. - project String
- The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- service
Name String - The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
- username String
- The username for the ACL entry. Maximum length:
40. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource.
Import
$ pulumi import aiven:index/openSearchAclRule:OpenSearchAclRule os_acl_rule PROJECT/SERVICE_NAME/USERNAME/INDEX
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Aiven pulumi/pulumi-aiven
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aivenTerraform Provider.