Resource: awsOpensearchDomainPolicy
Allows setting policy to an OpenSearch domain while referencing domain attributes (e.g., ARN).
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsOpensearchDomainExample = new aws.opensearchDomain.OpensearchDomain(
this,
"example",
{
domainName: "tf-test",
engineVersion: "OpenSearch_1.1",
}
);
const dataAwsIamPolicyDocumentMain =
new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(this, "main", {
actions: ["es:*"],
condition: [
{
test: "IpAddress",
values: "127.0.0.1/32",
variable: "aws:SourceIp",
},
],
effect: "Allow",
principals: [
{
identifiers: ["*"],
type: "*",
},
],
resources: [`\${${awsOpensearchDomainExample.arn}}/*`],
});
const awsOpensearchDomainPolicyMain =
new aws.opensearchDomainPolicy.OpensearchDomainPolicy(this, "main_2", {
accessPolicies: dataAwsIamPolicyDocumentMain.json,
domainName: awsOpensearchDomainExample.domainName,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsOpensearchDomainPolicyMain.overrideLogicalId("main");
Argument Reference
The following arguments are supported:
accessPolicies
- (Optional) IAM policy document specifying the access policies for the domaindomainName
- (Required) Name of the domain.
Attributes Reference
No additional attributes are exported.
Timeouts
update
- (Default180M
)delete
- (Default90M
)