OpenSearch
A managed service that makes it easy to deploy, operate, and scale OpenSearch clusters in the AWS Cloud.
Example yaml file:
apiVersion: aws.boundless.software/v1alpha1
kind: OpenSearch
metadata:
name: example-opensearch
spec:
provider:
region: us-east-1
collection:
name: example-collection
type: VECTORSEARCH
networkPolicy:
- rules:
- resourceType: dashboard
resources:
- tst
- resourceType: collection
resources:
- example-collection
accessPolicy:
- principals:
- arn:aws:iam::123456789012:role/example-role
rules:
- resourceType: collection
permissions:
- aoss:DeleteCollectionItems
resources:
- example-collection
encryptionPolicy:
kmsKeyArn: arn:aws:kms:us-east-1:123456789012:key/example-key
rules:
- resourceType: collection
resources:
- example-collection
- example-collection2
domain:
name: example-opensearch
vpcId: vpc-12345678
volumeSize: 100
iamArn: arn:aws:iam::123456789012:role/example-role
clusterConfig:
instanceType: r6g.large.search
instanceCount: 2
masterNodeCount: 2
masterNodeType: m6g.large.search
vpcConfig:
subnetIds:
- subnet-12345678
securityGroupIds:
- sg-12345678
OpenSearchSpec
| Name | Type | Description |
|---|
| provider* | AwsProviderSpec | Provider specifies the AWS provider settings for this OpenSearch domain. Required |
| domain* | DomainSpec | Domain specifies the OpenSearch domain settings. Required |
| collection | CollectionSpec | CollectionSpec specifies the OpenSearch collection settings. Optional |
CollectionSpec
| Name | Type | Description |
|---|
| name* | string | Name is the name of the OpenSearch collection. Required |
| type* | string | Type is the type of the OpenSearch collection. Required |
| accessPolicy | []AccessRuleSpec | Access policy configuration for the collection |
| networkPolicy | []NetworkRuleSpec | Network policy configuration for the collection |
| encryptionPolicy | EncryptionPolicySpec | Encryption policy configuration for the collection |
| tags | map[string]string | Tags specifies the database tags. Optional |
NetworkRuleSpec
| Name | Type | Description |
|---|
| rules | []RuleSpec | Rules is the list of rules to be applied to the OpenSearch collection. Required |
| vpcEndpoint | string | VpcEndpoint is the VPC endpoint to be used by the OpenSearch collection. Optional |
EncryptionPolicySpec
| Name | Type | Description |
|---|
| rules | []RuleSpec | Rules is the list of rules to be applied to the OpenSearch collection. Required |
| kmsKeyArn | string | KmsKeyId is the KMS key ID to be used by the OpenSearch collection. Required |
RuleSpec
| Name | Type | Description |
|---|
| resourceType* | string | ResourceType is the type of the resource to be allowed, Dashboard and collection are the only acceptable inputs. Required |
| resources* | []string | Resource is the resource to be allowed. Required |
| permissions | []string | Permissions is the list of permissions to be allowed. Required for access policy |
AccessRuleSpec
| Name | Type | Description |
|---|
| principals* | []string | Principal is the principal to be allowed. Required |
| rules* | []RuleSpec | Rules is the list of rules to be applied to the OpenSearch collection. Required |
DomainSpec
| Name | Type | Description |
|---|
| name* | string | Name is the name of the OpenSearch domain. Required |
| vpcId* | string | VpcID is the ID of the VPC where the OpenSearch domain should be created. Required |
| iamArn* | string | IamArn is the ARN of the IAM role to be used by the OpenSearch domain. Required |
| volumeSize | int32 | VolumeSize is the size of the volume to be used for the OpenSearch domain. Optional |
| clusterConfig | ClusterConfig | ClusterConfig is the cluster configuration for the OpenSearch domain. Optional |
| vpcConfig | VPCConfig | VPCConfig is the VPC configuration for the OpenSearch domain. Optional |
| tags | map[string]string | Tags are the tags to be applied to the OpenSearch domain. Optional |
VPCConfig
| Name | Type | Description |
|---|
| subnetIds | []string | SubnetIds is the list of subnet IDs to be used for the OpenSearch domain. Optional |
| securityGroupIds | []string | SecurityGroupIds is the list of security group IDs to be used for the OpenSearch domain. Optional |
ClusterConfig
| Name | Type | Description |
|---|
| instanceType* | string | InstanceType is the instance type to be used for the OpenSearch cluster. Optional |
| instanceCount* | int32 | InstanceCount is the number of instances to be used for the OpenSearch cluster. Optional |
| masterNodeCount* | int32 | MasterNodeCount is the number of master nodes to be used for the OpenSearch cluster. Optional |
| masterNodeType* | string | MasterNodeType is the instance type to be used for the OpenSearch master nodes. Optional |
Outputs
OpenSearchStatus
| Name | Type | Description |
|---|
| domain | DomainStatus | Domain provides the current status of this OpenSearch domain |
| collection | CollectionStatus | Collection provides the current status of this OpenSearch collection |
DomainStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Condition provides the current condition of this OpenSearch domain |
| arn | string | Arn is the ARN of the OpenSearch domain |
| name | string | Name is the name of the OpenSearch domain |
| endpoint | string | Endpoint is the endpoint of the OpenSearch domain |
CollectionStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Condition provides the current condition of this OpenSearch domain |
| arn | string | Arn is the ARN of the OpenSearch domain |
| accessPolicy | AccessPolicyStatus | Current status of the access policy |
| encryptionPolicy | EncryptionPolicyStatus | Current status of the encryption policy |
| networkPolicy | NetworkPolicyStatus | Current status of the network policy |
| id | string | Id is the ID of the OpenSearch domain |
| name | string | Name is the name of the OpenSearch domain |
NetworkPolicyStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Current condition of the network policy |
| name | string | Name of the network policy |
| arn | string | ARN of the network policy |
| policyVersion | string | Version of the network policy |
AccessPolicyStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Current condition of the access policy |
| name | string | Name of the access policy |
| arn | string | ARN of the access policy |
| policyVersion | string | Version of the access policy |
EncryptionPolicyStatus
| Name | Type | Description |
|---|
| condition | metav1.Condition | Current condition of the encryption policy |
| name | string | Name of the encryption policy |
| arn | string | ARN of the encryption policy |
| policyVersion | string | Version of the encryption policy |
