Manage OpenSearch REST resources from AWS CDK.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for tmokmss from gravatar.com tmokmss

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: OSI Approved (MIT)

Author: tmokmss<tomookam@live.jp>

Requires: Python ~=3.8

Classifiers

Project description

Custom Resources Library for Amazon OpenSearch Service

An AWS CDK construct library to manage OpenSearch resources via CloudFormation custom resource. This is especially useful if you use fine-grained access control feature on OpenSearch, where you have to create resources such as role or role mapping via OpenSearch REST API.

architecture

Currently supported resources

You can manage any other REST resources via our low level API (ResourceBase class).

Usage

Install it via npm:

npm install opensearch-rest-resources

Then you can create OpenSearch resources using Domain construct.

import { IVpc } from 'aws-cdk-lib/aws-ec2';
import { IRole } from 'aws-cdk-lib/aws-iam';
import { Domain } from 'aws-cdk-lib/aws-opensearchservice';
import { OpenSearchRole, OpenSearchRoleMapping } from 'opensearch-rest-resources';

declare const vpc: IVpc;
declare const backendRole: IRole;
declare const domain: Domain;

const role = new OpenSearchRole(this, 'Role1', {
    vpc,
    domain,
    roleName: 'Role1',
    payload: {
        clusterPermissions: ['indices:data/write/bulk'],
        indexPermissions: [
            {
                indexPatterns: ['*'],
                allowedActions: ['read', 'write', 'index', 'create_index'],
            },
        ],
    }
});

const roleMapping = new OpenSearchRoleMapping(this, 'RoleMapping1', {
    vpc,
    domain,
    roleName: 'Role1',
    payload: {
        backendRoles: [backendRole.roleArn],
    },
    removalPolicy: RemovalPolicy.RETAIN,
});
roleMapping.node.addDependency(role);

Limitation

Currently this library assumes your OpenSearch domain is configured such that:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "es:ESHttp*",
      "Resource": "domain-arn/*"
    }
  ]
}

Most of the above follow the current operational best practices of Amazon OpenSearch Service. If you want other configuration supported, please submit an issue.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for tmokmss from gravatar.com tmokmss

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: OSI Approved (MIT)

Author: tmokmss<tomookam@live.jp>

Requires: Python ~=3.8

Classifiers

Release history Release notifications | RSS feed

This version

0.0.10

0.0.9

0.0.8

0.0.7

0.0.6

0.0.5

0.0.4

0.0.3

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

opensearch-rest-resources-0.0.10.tar.gz (98.3 kB view hashes)

Uploaded Source

Built Distribution

opensearch_rest_resources-0.0.10-py3-none-any.whl (96.6 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page