Docs Home
AWS v6.74.0 published on Wednesday, Mar 26, 2025 by Pulumi
aws.opensearch.ServerlessAccessPolicy
Explore with Pulumi AI
- Example Usage
- Grant all collection and index permissions
- Grant read-only collection and index permissions
- Grant SAML identity permissions
- Create ServerlessAccessPolicy Resource
- Constructor syntax
- Constructor example
- ServerlessAccessPolicy Resource Properties
- Inputs
- Outputs
- Look up Existing ServerlessAccessPolicy Resource
- Import
- Package Details
Resource for managing an AWS OpenSearch Serverless Access Policy. See AWS documentation for data access policies and supported data access policy permissions.
Example Usage
Grant all collection and index permissions
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = aws.getCallerIdentity({});
const example = new aws.opensearch.ServerlessAccessPolicy("example", {
name: "example",
type: "data",
description: "read and write permissions",
policy: JSON.stringify([{
Rules: [
{
ResourceType: "index",
Resource: ["index/example-collection/*"],
Permission: ["aoss:*"],
},
{
ResourceType: "collection",
Resource: ["collection/example-collection"],
Permission: ["aoss:*"],
},
],
Principal: [current.then(current => current.arn)],
}]),
});
import pulumi
import json
import pulumi_aws as aws
current = aws.get_caller_identity()
example = aws.opensearch.ServerlessAccessPolicy("example",
name="example",
type="data",
description="read and write permissions",
policy=json.dumps([{
"Rules": [
{
"ResourceType": "index",
"Resource": ["index/example-collection/*"],
"Permission": ["aoss:*"],
},
{
"ResourceType": "collection",
"Resource": ["collection/example-collection"],
"Permission": ["aoss:*"],
},
],
"Principal": [current.arn],
}]))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
current, err := aws.GetCallerIdentity(ctx, &aws.GetCallerIdentityArgs{}, nil)
if err != nil {
return err
}
tmpJSON0, err := json.Marshal([]map[string]interface{}{
map[string]interface{}{
"Rules": []map[string]interface{}{
map[string]interface{}{
"ResourceType": "index",
"Resource": []string{
"index/example-collection/*",
},
"Permission": []string{
"aoss:*",
},
},
map[string]interface{}{
"ResourceType": "collection",
"Resource": []string{
"collection/example-collection",
},
"Permission": []string{
"aoss:*",
},
},
},
"Principal": []*string{
current.Arn,
},
},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = opensearch.NewServerlessAccessPolicy(ctx, "example", &opensearch.ServerlessAccessPolicyArgs{
Name: pulumi.String("example"),
Type: pulumi.String("data"),
Description: pulumi.String("read and write permissions"),
Policy: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var current = Aws.GetCallerIdentity.Invoke();
var example = new Aws.OpenSearch.ServerlessAccessPolicy("example", new()
{
Name = "example",
Type = "data",
Description = "read and write permissions",
Policy = JsonSerializer.Serialize(new[]
{
new Dictionary<string, object?>
{
["Rules"] = new[]
{
new Dictionary<string, object?>
{
["ResourceType"] = "index",
["Resource"] = new[]
{
"index/example-collection/*",
},
["Permission"] = new[]
{
"aoss:*",
},
},
new Dictionary<string, object?>
{
["ResourceType"] = "collection",
["Resource"] = new[]
{
"collection/example-collection",
},
["Permission"] = new[]
{
"aoss:*",
},
},
},
["Principal"] = new[]
{
current.Apply(getCallerIdentityResult => getCallerIdentityResult.Arn),
},
},
}),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetCallerIdentityArgs;
import com.pulumi.aws.opensearch.ServerlessAccessPolicy;
import com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = AwsFunctions.getCallerIdentity();
var example = new ServerlessAccessPolicy("example", ServerlessAccessPolicyArgs.builder()
.name("example")
.type("data")
.description("read and write permissions")
.policy(serializeJson(
jsonArray(jsonObject(
jsonProperty("Rules", jsonArray(
jsonObject(
jsonProperty("ResourceType", "index"),
jsonProperty("Resource", jsonArray("index/example-collection/*")),
jsonProperty("Permission", jsonArray("aoss:*"))
),
jsonObject(
jsonProperty("ResourceType", "collection"),
jsonProperty("Resource", jsonArray("collection/example-collection")),
jsonProperty("Permission", jsonArray("aoss:*"))
)
)),
jsonProperty("Principal", jsonArray(current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.arn())))
))))
.build());
}
}
resources:
example:
type: aws:opensearch:ServerlessAccessPolicy
properties:
name: example
type: data
description: read and write permissions
policy:
fn::toJSON:
- Rules:
- ResourceType: index
Resource:
- index/example-collection/*
Permission:
- aoss:*
- ResourceType: collection
Resource:
- collection/example-collection
Permission:
- aoss:*
Principal:
- ${current.arn}
variables:
current:
fn::invoke:
function: aws:getCallerIdentity
arguments: {}
Grant read-only collection and index permissions
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = aws.getCallerIdentity({});
const example = new aws.opensearch.ServerlessAccessPolicy("example", {
name: "example",
type: "data",
description: "read-only permissions",
policy: JSON.stringify([{
Rules: [
{
ResourceType: "index",
Resource: ["index/example-collection/*"],
Permission: [
"aoss:DescribeIndex",
"aoss:ReadDocument",
],
},
{
ResourceType: "collection",
Resource: ["collection/example-collection"],
Permission: ["aoss:DescribeCollectionItems"],
},
],
Principal: [current.then(current => current.arn)],
}]),
});
import pulumi
import json
import pulumi_aws as aws
current = aws.get_caller_identity()
example = aws.opensearch.ServerlessAccessPolicy("example",
name="example",
type="data",
description="read-only permissions",
policy=json.dumps([{
"Rules": [
{
"ResourceType": "index",
"Resource": ["index/example-collection/*"],
"Permission": [
"aoss:DescribeIndex",
"aoss:ReadDocument",
],
},
{
"ResourceType": "collection",
"Resource": ["collection/example-collection"],
"Permission": ["aoss:DescribeCollectionItems"],
},
],
"Principal": [current.arn],
}]))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
current, err := aws.GetCallerIdentity(ctx, &aws.GetCallerIdentityArgs{}, nil)
if err != nil {
return err
}
tmpJSON0, err := json.Marshal([]map[string]interface{}{
map[string]interface{}{
"Rules": []interface{}{
map[string]interface{}{
"ResourceType": "index",
"Resource": []string{
"index/example-collection/*",
},
"Permission": []string{
"aoss:DescribeIndex",
"aoss:ReadDocument",
},
},
map[string]interface{}{
"ResourceType": "collection",
"Resource": []string{
"collection/example-collection",
},
"Permission": []string{
"aoss:DescribeCollectionItems",
},
},
},
"Principal": []*string{
current.Arn,
},
},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = opensearch.NewServerlessAccessPolicy(ctx, "example", &opensearch.ServerlessAccessPolicyArgs{
Name: pulumi.String("example"),
Type: pulumi.String("data"),
Description: pulumi.String("read-only permissions"),
Policy: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var current = Aws.GetCallerIdentity.Invoke();
var example = new Aws.OpenSearch.ServerlessAccessPolicy("example", new()
{
Name = "example",
Type = "data",
Description = "read-only permissions",
Policy = JsonSerializer.Serialize(new[]
{
new Dictionary<string, object?>
{
["Rules"] = new[]
{
new Dictionary<string, object?>
{
["ResourceType"] = "index",
["Resource"] = new[]
{
"index/example-collection/*",
},
["Permission"] = new[]
{
"aoss:DescribeIndex",
"aoss:ReadDocument",
},
},
new Dictionary<string, object?>
{
["ResourceType"] = "collection",
["Resource"] = new[]
{
"collection/example-collection",
},
["Permission"] = new[]
{
"aoss:DescribeCollectionItems",
},
},
},
["Principal"] = new[]
{
current.Apply(getCallerIdentityResult => getCallerIdentityResult.Arn),
},
},
}),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetCallerIdentityArgs;
import com.pulumi.aws.opensearch.ServerlessAccessPolicy;
import com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = AwsFunctions.getCallerIdentity();
var example = new ServerlessAccessPolicy("example", ServerlessAccessPolicyArgs.builder()
.name("example")
.type("data")
.description("read-only permissions")
.policy(serializeJson(
jsonArray(jsonObject(
jsonProperty("Rules", jsonArray(
jsonObject(
jsonProperty("ResourceType", "index"),
jsonProperty("Resource", jsonArray("index/example-collection/*")),
jsonProperty("Permission", jsonArray(
"aoss:DescribeIndex",
"aoss:ReadDocument"
))
),
jsonObject(
jsonProperty("ResourceType", "collection"),
jsonProperty("Resource", jsonArray("collection/example-collection")),
jsonProperty("Permission", jsonArray("aoss:DescribeCollectionItems"))
)
)),
jsonProperty("Principal", jsonArray(current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.arn())))
))))
.build());
}
}
resources:
example:
type: aws:opensearch:ServerlessAccessPolicy
properties:
name: example
type: data
description: read-only permissions
policy:
fn::toJSON:
- Rules:
- ResourceType: index
Resource:
- index/example-collection/*
Permission:
- aoss:DescribeIndex
- aoss:ReadDocument
- ResourceType: collection
Resource:
- collection/example-collection
Permission:
- aoss:DescribeCollectionItems
Principal:
- ${current.arn}
variables:
current:
fn::invoke:
function: aws:getCallerIdentity
arguments: {}
Grant SAML identity permissions
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.opensearch.ServerlessAccessPolicy("example", {
name: "example",
type: "data",
description: "saml permissions",
policy: JSON.stringify([{
Rules: [
{
ResourceType: "index",
Resource: ["index/example-collection/*"],
Permission: ["aoss:*"],
},
{
ResourceType: "collection",
Resource: ["collection/example-collection"],
Permission: ["aoss:*"],
},
],
Principal: [
"saml/123456789012/myprovider/user/Annie",
"saml/123456789012/anotherprovider/group/Accounting",
],
}]),
});
import pulumi
import json
import pulumi_aws as aws
example = aws.opensearch.ServerlessAccessPolicy("example",
name="example",
type="data",
description="saml permissions",
policy=json.dumps([{
"Rules": [
{
"ResourceType": "index",
"Resource": ["index/example-collection/*"],
"Permission": ["aoss:*"],
},
{
"ResourceType": "collection",
"Resource": ["collection/example-collection"],
"Permission": ["aoss:*"],
},
],
"Principal": [
"saml/123456789012/myprovider/user/Annie",
"saml/123456789012/anotherprovider/group/Accounting",
],
}]))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/opensearch"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
tmpJSON0, err := json.Marshal([]map[string]interface{}{
map[string]interface{}{
"Rules": []map[string]interface{}{
map[string]interface{}{
"ResourceType": "index",
"Resource": []string{
"index/example-collection/*",
},
"Permission": []string{
"aoss:*",
},
},
map[string]interface{}{
"ResourceType": "collection",
"Resource": []string{
"collection/example-collection",
},
"Permission": []string{
"aoss:*",
},
},
},
"Principal": []string{
"saml/123456789012/myprovider/user/Annie",
"saml/123456789012/anotherprovider/group/Accounting",
},
},
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = opensearch.NewServerlessAccessPolicy(ctx, "example", &opensearch.ServerlessAccessPolicyArgs{
Name: pulumi.String("example"),
Type: pulumi.String("data"),
Description: pulumi.String("saml permissions"),
Policy: pulumi.String(json0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.OpenSearch.ServerlessAccessPolicy("example", new()
{
Name = "example",
Type = "data",
Description = "saml permissions",
Policy = JsonSerializer.Serialize(new[]
{
new Dictionary<string, object?>
{
["Rules"] = new[]
{
new Dictionary<string, object?>
{
["ResourceType"] = "index",
["Resource"] = new[]
{
"index/example-collection/*",
},
["Permission"] = new[]
{
"aoss:*",
},
},
new Dictionary<string, object?>
{
["ResourceType"] = "collection",
["Resource"] = new[]
{
"collection/example-collection",
},
["Permission"] = new[]
{
"aoss:*",
},
},
},
["Principal"] = new[]
{
"saml/123456789012/myprovider/user/Annie",
"saml/123456789012/anotherprovider/group/Accounting",
},
},
}),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.opensearch.ServerlessAccessPolicy;
import com.pulumi.aws.opensearch.ServerlessAccessPolicyArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ServerlessAccessPolicy("example", ServerlessAccessPolicyArgs.builder()
.name("example")
.type("data")
.description("saml permissions")
.policy(serializeJson(
jsonArray(jsonObject(
jsonProperty("Rules", jsonArray(
jsonObject(
jsonProperty("ResourceType", "index"),
jsonProperty("Resource", jsonArray("index/example-collection/*")),
jsonProperty("Permission", jsonArray("aoss:*"))
),
jsonObject(
jsonProperty("ResourceType", "collection"),
jsonProperty("Resource", jsonArray("collection/example-collection")),
jsonProperty("Permission", jsonArray("aoss:*"))
)
)),
jsonProperty("Principal", jsonArray(
"saml/123456789012/myprovider/user/Annie",
"saml/123456789012/anotherprovider/group/Accounting"
))
))))
.build());
}
}
resources:
example:
type: aws:opensearch:ServerlessAccessPolicy
properties:
name: example
type: data
description: saml permissions
policy:
fn::toJSON:
- Rules:
- ResourceType: index
Resource:
- index/example-collection/*
Permission:
- aoss:*
- ResourceType: collection
Resource:
- collection/example-collection
Permission:
- aoss:*
Principal:
- saml/123456789012/myprovider/user/Annie
- saml/123456789012/anotherprovider/group/Accounting
Create ServerlessAccessPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ServerlessAccessPolicy(name: string, args: ServerlessAccessPolicyArgs, opts?: CustomResourceOptions);@overload
def ServerlessAccessPolicy(resource_name: str,
args: ServerlessAccessPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ServerlessAccessPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
policy: Optional[str] = None,
type: Optional[str] = None,
description: Optional[str] = None,
name: Optional[str] = None)func NewServerlessAccessPolicy(ctx *Context, name string, args ServerlessAccessPolicyArgs, opts ...ResourceOption) (*ServerlessAccessPolicy, error)public ServerlessAccessPolicy(string name, ServerlessAccessPolicyArgs args, CustomResourceOptions? opts = null)public ServerlessAccessPolicy(String name, ServerlessAccessPolicyArgs args)
public ServerlessAccessPolicy(String name, ServerlessAccessPolicyArgs args, CustomResourceOptions options)
type: aws:opensearch:ServerlessAccessPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ServerlessAccessPolicyArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. ServerlessAccessPolicyArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ServerlessAccessPolicyArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ServerlessAccessPolicyArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. ServerlessAccessPolicyArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var serverlessAccessPolicyResource = new Aws.OpenSearch.ServerlessAccessPolicy("serverlessAccessPolicyResource", new()
{
Policy = "string",
Type = "string",
Description = "string",
Name = "string",
});
example, err := opensearch.NewServerlessAccessPolicy(ctx, "serverlessAccessPolicyResource", &opensearch.ServerlessAccessPolicyArgs{
Policy: pulumi.String("string"),
Type: pulumi.String("string"),
Description: pulumi.String("string"),
Name: pulumi.String("string"),
})
var serverlessAccessPolicyResource = new ServerlessAccessPolicy("serverlessAccessPolicyResource", ServerlessAccessPolicyArgs.builder()
.policy("string")
.type("string")
.description("string")
.name("string")
.build());
serverless_access_policy_resource = aws.opensearch.ServerlessAccessPolicy("serverlessAccessPolicyResource",
policy="string",
type="string",
description="string",
name="string")
const serverlessAccessPolicyResource = new aws.opensearch.ServerlessAccessPolicy("serverlessAccessPolicyResource", {
policy: "string",
type: "string",
description: "string",
name: "string",
});
type: aws:opensearch:ServerlessAccessPolicy
properties:
description: string
name: string
policy: string
type: string
ServerlessAccessPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ServerlessAccessPolicy resource accepts the following input properties:
- Policy
This property is required. string - JSON policy document to use as the content for the new policy
- Type
This property is required. string Type of access policy. Must be
data.The following arguments are optional:
- Description string
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- Name string
- Name of the policy.
- Policy
This property is required. string - JSON policy document to use as the content for the new policy
- Type
This property is required. string Type of access policy. Must be
data.The following arguments are optional:
- Description string
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- Name string
- Name of the policy.
- policy
This property is required. String - JSON policy document to use as the content for the new policy
- type
This property is required. String Type of access policy. Must be
data.The following arguments are optional:
- description String
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- name String
- Name of the policy.
- policy
This property is required. string - JSON policy document to use as the content for the new policy
- type
This property is required. string Type of access policy. Must be
data.The following arguments are optional:
- description string
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- name string
- Name of the policy.
- policy
This property is required. str - JSON policy document to use as the content for the new policy
- type
This property is required. str Type of access policy. Must be
data.The following arguments are optional:
- description str
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- name str
- Name of the policy.
- policy
This property is required. String - JSON policy document to use as the content for the new policy
- type
This property is required. String Type of access policy. Must be
data.The following arguments are optional:
- description String
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- name String
- Name of the policy.
Outputs
All input properties are implicitly available as output properties. Additionally, the ServerlessAccessPolicy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Policy
Version string - Version of the policy.
- Id string
- The provider-assigned unique ID for this managed resource.
- Policy
Version string - Version of the policy.
- id String
- The provider-assigned unique ID for this managed resource.
- policy
Version String - Version of the policy.
- id string
- The provider-assigned unique ID for this managed resource.
- policy
Version string - Version of the policy.
- id str
- The provider-assigned unique ID for this managed resource.
- policy_
version str - Version of the policy.
- id String
- The provider-assigned unique ID for this managed resource.
- policy
Version String - Version of the policy.
Look up Existing ServerlessAccessPolicy Resource
Get an existing ServerlessAccessPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ServerlessAccessPolicyState, opts?: CustomResourceOptions): ServerlessAccessPolicy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
name: Optional[str] = None,
policy: Optional[str] = None,
policy_version: Optional[str] = None,
type: Optional[str] = None) -> ServerlessAccessPolicyfunc GetServerlessAccessPolicy(ctx *Context, name string, id IDInput, state *ServerlessAccessPolicyState, opts ...ResourceOption) (*ServerlessAccessPolicy, error)public static ServerlessAccessPolicy Get(string name, Input<string> id, ServerlessAccessPolicyState? state, CustomResourceOptions? opts = null)public static ServerlessAccessPolicy get(String name, Output<String> id, ServerlessAccessPolicyState state, CustomResourceOptions options)resources: _: type: aws:opensearch:ServerlessAccessPolicy get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Description string
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- Name string
- Name of the policy.
- Policy string
- JSON policy document to use as the content for the new policy
- Policy
Version string - Version of the policy.
- Type string
Type of access policy. Must be
data.The following arguments are optional:
- Description string
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- Name string
- Name of the policy.
- Policy string
- JSON policy document to use as the content for the new policy
- Policy
Version string - Version of the policy.
- Type string
Type of access policy. Must be
data.The following arguments are optional:
- description String
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- name String
- Name of the policy.
- policy String
- JSON policy document to use as the content for the new policy
- policy
Version String - Version of the policy.
- type String
Type of access policy. Must be
data.The following arguments are optional:
- description string
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- name string
- Name of the policy.
- policy string
- JSON policy document to use as the content for the new policy
- policy
Version string - Version of the policy.
- type string
Type of access policy. Must be
data.The following arguments are optional:
- description str
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- name str
- Name of the policy.
- policy str
- JSON policy document to use as the content for the new policy
- policy_
version str - Version of the policy.
- type str
Type of access policy. Must be
data.The following arguments are optional:
- description String
- Description of the policy. Typically used to store information about the permissions defined in the policy.
- name String
- Name of the policy.
- policy String
- JSON policy document to use as the content for the new policy
- policy
Version String - Version of the policy.
- type String
Type of access policy. Must be
data.The following arguments are optional:
Import
Using pulumi import, import OpenSearchServerless Access Policy using the name and type arguments separated by a slash (/). For example:
$ pulumi import aws:opensearch/serverlessAccessPolicy:ServerlessAccessPolicy example example/data
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
- Example Usage
- Grant all collection and index permissions
- Grant read-only collection and index permissions
- Grant SAML identity permissions
- Create ServerlessAccessPolicy Resource
- Constructor syntax
- Constructor example
- ServerlessAccessPolicy Resource Properties
- Inputs
- Outputs
- Look up Existing ServerlessAccessPolicy Resource
- Import
- Package Details