https://pulumi.com
Join Slack
Hi, love pulumi but I could use some guidance with a project I am working on. I am trying to deploy ...
# general
l
Hi, love pulumi but I could use some guidance with a project I am working on. I am trying to deploy AWS OpenSearch Serverless using typescript but Googling doesn't yield a lot of results. I keep running into encryption related errors when deploying to AWS. Anyone know if it's possible to deploy OpenSearch Serverless right now or can provide some insights/working examples?
Copy code
// Create a new encryption policy
const analyticsEncryptionPolicy = new aws_native.opensearchserverless.SecurityPolicy("analytics-encryption-policy", {
  securityPolicyName: "analytics-encryption-policy",
  securityPolicyDescription: "Encryption policy for OpenSearch Serverless",
  keyId: "alias/aws/opensearchserverless",
  keyType: "AWS_OWNED_KEY",
  policy: JSON.stringify({
    accessType: "PUBLIC",
    Type: "Encryption",
    Rules: [
      {
        ResourceType: "*",
        Subject: {
          AWS: "*",
        },
        Effect: "Allow",
        Action: "*",
      },
    ],
  }),
});

// Create a serverless collection for OpenSearch
const elasticsearchServerless = new aws_native.opensearchserverless.Collection("collection", {
  name: "analytics-es-serverless",
  description: "Analytics OpenSearch Serverless Collection",
  collectionType: "TimeSeries",
  encryptionPolicies: [
    {
      securityPolicyName: analyticsEncryptionPolicy.securityPolicyName,
    }
  ],
  networkPolicy: {
    accessType: "PUBLIC",
    resourceType: ["COLLECTION", "DASHBOARD"],
    prefixCollectionNmae: "analytics",
  },
  dataPolicy: {
    policyName: "analytics-data-policy",
    rules: [
      {
        grantedResources: ["index/analytics/*"],
        resourceType: "INDEX",
        permissions: ["aoss:CreateIndex", "aoss:DeleteIndex", "aoss:UpdateIndex", "aoss:ReadIndex", "aossReadDocument", "aoss:WriteDocument"],
        principal: firehoseRole,
      }
    ],
  },
});
3 Views
Open in Slack
PreviousNext
Powered by

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Powered by