pulumi-aws-kotlin/com.pulumi.aws.elasticsearch.kotlin/DomainPolicyArgs

DomainPolicyArgs

data class DomainPolicyArgs(val accessPolicies: Output<String>? = null, val domainName: Output<String>? = null) : ConvertibleToJava<DomainPolicyArgs>

Allows setting policy to an Elasticsearch domain while referencing domain attributes (e.g., ARN)

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.elasticsearch.Domain("example", {
    domainName: "tf-test",
    elasticsearchVersion: "2.3",
});
const main = new aws.elasticsearch.DomainPolicy("main", {
    domainName: example.domainName,
    accessPolicies: pulumi.interpolate`{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "es:*",
            "Principal": "*",
            "Effect": "Allow",
            "Condition": {
                "IpAddress": {"aws:SourceIp": "127.0.0.1/32"}
            },
            "Resource": "${example.arn}/*"
        }
    ]
}
`,
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.elasticsearch.Domain("example",
    domain_name="tf-test",
    elasticsearch_version="2.3")
main = aws.elasticsearch.DomainPolicy("main",
    domain_name=example.domain_name,
    access_policies=example.arn.apply(lambda arn: f"""{{
    "Version": "2012-10-17",
    "Statement": [
        {{
            "Action": "es:*",
            "Principal": "*",
            "Effect": "Allow",
            "Condition": {{
                "IpAddress": {{"aws:SourceIp": "127.0.0.1/32"}}
            }},
            "Resource": "{arn}/*"
        }}
    ]
}}
"""))
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.ElasticSearch.Domain("example", new()
    {
        DomainName = "tf-test",
        ElasticsearchVersion = "2.3",
    });
    var main = new Aws.ElasticSearch.DomainPolicy("main", new()
    {
        DomainName = example.DomainName,
        AccessPolicies = example.Arn.Apply(arn => @$"{{
    ""Version"": ""2012-10-17"",
    ""Statement"": [
        {{
            ""Action"": ""es:*"",
            ""Principal"": ""*"",
            ""Effect"": ""Allow"",
            ""Condition"": {{
                ""IpAddress"": {{""aws:SourceIp"": ""127.0.0.1/32""}}
            }},
            ""Resource"": ""{arn}/*""
        }}
    ]
}}
"),
    });
});
Content copied to clipboard
package main
import (
	"fmt"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/elasticsearch"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := elasticsearch.NewDomain(ctx, "example", &elasticsearch.DomainArgs{
			DomainName:           pulumi.String("tf-test"),
			ElasticsearchVersion: pulumi.String("2.3"),
		})
		if err != nil {
			return err
		}
		_, err = elasticsearch.NewDomainPolicy(ctx, "main", &elasticsearch.DomainPolicyArgs{
			DomainName: example.DomainName,
			AccessPolicies: example.Arn.ApplyT(func(arn string) (string, error) {
				return fmt.Sprintf(`{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "es:*",
            "Principal": "*",
            "Effect": "Allow",
            "Condition": {
                "IpAddress": {"aws:SourceIp": "127.0.0.1/32"}
            },
            "Resource": "%v/*"
        }
    ]
}
`, arn), nil
			}).(pulumi.StringOutput),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.elasticsearch.Domain;
import com.pulumi.aws.elasticsearch.DomainArgs;
import com.pulumi.aws.elasticsearch.DomainPolicy;
import com.pulumi.aws.elasticsearch.DomainPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Domain("example", DomainArgs.builder()
            .domainName("tf-test")
            .elasticsearchVersion("2.3")
            .build());
        var main = new DomainPolicy("main", DomainPolicyArgs.builder()
            .domainName(example.domainName())
            .accessPolicies(example.arn().applyValue(_arn -> """
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "es:*",
            "Principal": "*",
            "Effect": "Allow",
            "Condition": {
                "IpAddress": {"aws:SourceIp": "127.0.0.1/32"}
            },
            "Resource": "%s/*"
        }
    ]
}
", _arn)))
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:elasticsearch:Domain
    properties:
      domainName: tf-test
      elasticsearchVersion: '2.3'
  main:
    type: aws:elasticsearch:DomainPolicy
    properties:
      domainName: ${example.domainName}
      accessPolicies: |
        {
            "Version": "2012-10-17",
            "Statement": [
                {
                    "Action": "es:*",
                    "Principal": "*",
                    "Effect": "Allow",
                    "Condition": {
                        "IpAddress": {"aws:SourceIp": "127.0.0.1/32"}
                    },
                    "Resource": "${example.arn}/*"
                }
            ]
        }
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(accessPolicies: Output<String>? = null, domainName: Output<String>? = null)

Properties

Link copied to clipboard
val accessPolicies: Output<String>? = null

IAM policy document specifying the access policies for the domain

Link copied to clipboard
val domainName: Output<String>? = null

Name of the domain. //////

Functions

Link copied to clipboard
open override fun toJava(): DomainPolicyArgs