Resource: awsCloudsearchDomainServiceAccessPolicy
Provides an CloudSearch domain service access policy resource.
Terraform waits for the domain service access policy to become active
when applying a configuration.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsCloudsearchDomainExample = new aws.cloudsearchDomain.CloudsearchDomain(
this,
"example",
{
name: "example-domain",
}
);
const dataAwsIamPolicyDocumentExample =
new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(this, "example_1", {
statement: [
{
actions: ["cloudsearch:search", "cloudsearch:document"],
condition: [
{
test: "IpAddress",
values: ["192.0.2.0/32"],
variable: "aws:SourceIp",
},
],
effect: "Allow",
principals: [
{
identifiers: ["*"],
type: "*",
},
],
sid: "search_only",
},
],
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
dataAwsIamPolicyDocumentExample.overrideLogicalId("example");
const awsCloudsearchDomainServiceAccessPolicyExample =
new aws.cloudsearchDomainServiceAccessPolicy.CloudsearchDomainServiceAccessPolicy(
this,
"example_2",
{
accessPolicy: dataAwsIamPolicyDocumentExample.json,
domainName: awsCloudsearchDomainExample.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsCloudsearchDomainServiceAccessPolicyExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
accessPolicy
- (Required) The access rules you want to configure. These rules replace any existing rules. See the AWS documentation for details.domainName
- (Required) The CloudSearch domain name the policy applies to.
Attributes Reference
No additional attributes are exported.
Timeouts
update
- (Default20M
)delete
- (Default20M
)
Import
CloudSearch domain service access policies can be imported using the domain name, e.g.,