Amazon OpenSearch Service

2022/11/08 - Amazon OpenSearch Service - 9 new api methods

Changes  Amazon OpenSearch Service now offers managed VPC endpoints to connect to your Amazon OpenSearch Service VPC-enabled domain in a Virtual Private Cloud (VPC). This feature allows you to privately access OpenSearch Service domain without using public IPs or requiring traffic to traverse the Internet.

ListVpcEndpoints (new) Link ¶

Retrieves all Amazon OpenSearch Service-managed VPC endpoints in the current Amazon Web Services account and Region.

See also: AWS API Documentation

Request Syntax

client.list_vpc_endpoints(
    NextToken='string'
)
type NextToken

string

param NextToken

If your initial ListVpcEndpoints operation returns a nextToken , you can include the returned nextToken in subsequent ListVpcEndpoints operations, which returns results in the next page.

rtype

dict

returns

Response Syntax

{
    'VpcEndpointSummaryList': [
        {
            'VpcEndpointId': 'string',
            'VpcEndpointOwner': 'string',
            'DomainArn': 'string',
            'Status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'UPDATING'|'UPDATE_FAILED'|'DELETING'|'DELETE_FAILED'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • VpcEndpointSummaryList (list) --

      Information about each endpoint.

      • (dict) --

        Summary information for an Amazon OpenSearch Service-managed VPC endpoint.

        • VpcEndpointId (string) --

          The unique identifier of the endpoint.

        • VpcEndpointOwner (string) --

          The creator of the endpoint.

        • DomainArn (string) --

          The Amazon Resource Name (ARN) of the domain associated with the endpoint.

        • Status (string) --

          The current status of the endpoint.

    • NextToken (string) --

      When nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page.

UpdateVpcEndpoint (new) Link ¶

Modifies an Amazon OpenSearch Service-managed interface VPC endpoint.

See also: AWS API Documentation

Request Syntax

client.update_vpc_endpoint(
    VpcEndpointId='string',
    VpcOptions={
        'SubnetIds': [
            'string',
        ],
        'SecurityGroupIds': [
            'string',
        ]
    }
)
type VpcEndpointId

string

param VpcEndpointId

[REQUIRED]

The unique identifier of the endpoint.

type VpcOptions

dict

param VpcOptions

[REQUIRED]

The security groups and/or subnets to add, remove, or modify.

  • SubnetIds (list) --

    A list of subnet IDs associated with the VPC endpoints for the domain. If your domain uses multiple Availability Zones, you need to provide two subnet IDs, one per zone. Otherwise, provide only one.

    • (string) --

  • SecurityGroupIds (list) --

    The list of security group IDs associated with the VPC endpoints for the domain. If you do not provide a security group ID, OpenSearch Service uses the default security group for the VPC.

    • (string) --

rtype

dict

returns

Response Syntax

{
    'VpcEndpoint': {
        'VpcEndpointId': 'string',
        'VpcEndpointOwner': 'string',
        'DomainArn': 'string',
        'VpcOptions': {
            'VPCId': 'string',
            'SubnetIds': [
                'string',
            ],
            'AvailabilityZones': [
                'string',
            ],
            'SecurityGroupIds': [
                'string',
            ]
        },
        'Status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'UPDATING'|'UPDATE_FAILED'|'DELETING'|'DELETE_FAILED',
        'Endpoint': 'string'
    }
}

Response Structure

  • (dict) --

    • VpcEndpoint (dict) --

      The endpoint to be updated.

      • VpcEndpointId (string) --

        The unique identifier of the endpoint.

      • VpcEndpointOwner (string) --

        The creator of the endpoint.

      • DomainArn (string) --

        The Amazon Resource Name (ARN) of the domain associated with the endpoint.

      • VpcOptions (dict) --

        Options to specify the subnets and security groups for an Amazon OpenSearch Service VPC endpoint.

        • VPCId (string) --

          The ID for your VPC. Amazon VPC generates this value when you create a VPC.

        • SubnetIds (list) --

          A list of subnet IDs associated with the VPC endpoints for the domain.

          • (string) --

        • AvailabilityZones (list) --

          The list of Availability Zones associated with the VPC subnets.

          • (string) --

        • SecurityGroupIds (list) --

          The list of security group IDs associated with the VPC endpoints for the domain.

          • (string) --

      • Status (string) --

        The current status of the endpoint.

      • Endpoint (string) --

        The connection endpoint ID for connecting to the domain.

RevokeVpcEndpointAccess (new) Link ¶

Revokes access to an Amazon OpenSearch Service domain that was provided through an interface VPC endpoint.

See also: AWS API Documentation

Request Syntax

client.revoke_vpc_endpoint_access(
    DomainName='string',
    Account='string'
)
type DomainName

string

param DomainName

[REQUIRED]

The name of the OpenSearch Service domain.

type Account

string

param Account

[REQUIRED]

The account ID to revoke access from.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

ListVpcEndpointAccess (new) Link ¶

Retrieves information about each Amazon Web Services principal that is allowed to access a given Amazon OpenSearch Service domain through the use of an interface VPC endpoint.

See also: AWS API Documentation

Request Syntax

client.list_vpc_endpoint_access(
    DomainName='string',
    NextToken='string'
)
type DomainName

string

param DomainName

[REQUIRED]

The name of the OpenSearch Service domain to retrieve access information for.

type NextToken

string

param NextToken

If your initial ListVpcEndpointAccess operation returns a nextToken , you can include the returned nextToken in subsequent ListVpcEndpointAccess operations, which returns results in the next page.

rtype

dict

returns

Response Syntax

{
    'AuthorizedPrincipalList': [
        {
            'PrincipalType': 'AWS_ACCOUNT'|'AWS_SERVICE',
            'Principal': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • AuthorizedPrincipalList (list) --

      A list of IAM principals that can currently access the domain.

      • (dict) --

        Information about an Amazon Web Services account or service that has access to an Amazon OpenSearch Service domain through the use of an interface VPC endpoint.

        • PrincipalType (string) --

          The type of principal.

        • Principal (string) --

          The IAM principal that is allowed access to the domain.

    • NextToken (string) --

      When nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page.

DescribeVpcEndpoints (new) Link ¶

Describes one or more Amazon OpenSearch Service-managed VPC endpoints.

See also: AWS API Documentation

Request Syntax

client.describe_vpc_endpoints(
    VpcEndpointIds=[
        'string',
    ]
)
type VpcEndpointIds

list

param VpcEndpointIds

[REQUIRED]

The unique identifiers of the endpoints to get information about.

  • (string) --

rtype

dict

returns

Response Syntax

{
    'VpcEndpoints': [
        {
            'VpcEndpointId': 'string',
            'VpcEndpointOwner': 'string',
            'DomainArn': 'string',
            'VpcOptions': {
                'VPCId': 'string',
                'SubnetIds': [
                    'string',
                ],
                'AvailabilityZones': [
                    'string',
                ],
                'SecurityGroupIds': [
                    'string',
                ]
            },
            'Status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'UPDATING'|'UPDATE_FAILED'|'DELETING'|'DELETE_FAILED',
            'Endpoint': 'string'
        },
    ],
    'VpcEndpointErrors': [
        {
            'VpcEndpointId': 'string',
            'ErrorCode': 'ENDPOINT_NOT_FOUND'|'SERVER_ERROR',
            'ErrorMessage': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • VpcEndpoints (list) --

      Information about each requested VPC endpoint.

      • (dict) --

        The connection endpoint for connecting to an Amazon OpenSearch Service domain through a proxy.

        • VpcEndpointId (string) --

          The unique identifier of the endpoint.

        • VpcEndpointOwner (string) --

          The creator of the endpoint.

        • DomainArn (string) --

          The Amazon Resource Name (ARN) of the domain associated with the endpoint.

        • VpcOptions (dict) --

          Options to specify the subnets and security groups for an Amazon OpenSearch Service VPC endpoint.

          • VPCId (string) --

            The ID for your VPC. Amazon VPC generates this value when you create a VPC.

          • SubnetIds (list) --

            A list of subnet IDs associated with the VPC endpoints for the domain.

            • (string) --

          • AvailabilityZones (list) --

            The list of Availability Zones associated with the VPC subnets.

            • (string) --

          • SecurityGroupIds (list) --

            The list of security group IDs associated with the VPC endpoints for the domain.

            • (string) --

        • Status (string) --

          The current status of the endpoint.

        • Endpoint (string) --

          The connection endpoint ID for connecting to the domain.

    • VpcEndpointErrors (list) --

      Any errors associated with the request.

      • (dict) --

        Error information when attempting to describe an Amazon OpenSearch Service-managed VPC endpoint.

        • VpcEndpointId (string) --

          The unique identifier of the endpoint.

        • ErrorCode (string) --

          The code associated with the error.

        • ErrorMessage (string) --

          A message describing the error.

ListVpcEndpointsForDomain (new) Link ¶

Retrieves all Amazon OpenSearch Service-managed VPC endpoints associated with a particular domain.

See also: AWS API Documentation

Request Syntax

client.list_vpc_endpoints_for_domain(
    DomainName='string',
    NextToken='string'
)
type DomainName

string

param DomainName

[REQUIRED]

The name of the domain to list associated VPC endpoints for.

type NextToken

string

param NextToken

If your initial ListEndpointsForDomain operation returns a nextToken , you can include the returned nextToken in subsequent ListEndpointsForDomain operations, which returns results in the next page.

rtype

dict

returns

Response Syntax

{
    'VpcEndpointSummaryList': [
        {
            'VpcEndpointId': 'string',
            'VpcEndpointOwner': 'string',
            'DomainArn': 'string',
            'Status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'UPDATING'|'UPDATE_FAILED'|'DELETING'|'DELETE_FAILED'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • VpcEndpointSummaryList (list) --

      Information about each endpoint associated with the domain.

      • (dict) --

        Summary information for an Amazon OpenSearch Service-managed VPC endpoint.

        • VpcEndpointId (string) --

          The unique identifier of the endpoint.

        • VpcEndpointOwner (string) --

          The creator of the endpoint.

        • DomainArn (string) --

          The Amazon Resource Name (ARN) of the domain associated with the endpoint.

        • Status (string) --

          The current status of the endpoint.

    • NextToken (string) --

      When nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page.

AuthorizeVpcEndpointAccess (new) Link ¶

Provides access to an Amazon OpenSearch Service domain through the use of an interface VPC endpoint.

See also: AWS API Documentation

Request Syntax

client.authorize_vpc_endpoint_access(
    DomainName='string',
    Account='string'
)
type DomainName

string

param DomainName

[REQUIRED]

The name of the OpenSearch Service domain to provide access to.

type Account

string

param Account

[REQUIRED]

The Amazon Web Services account ID to grant access to.

rtype

dict

returns

Response Syntax

{
    'AuthorizedPrincipal': {
        'PrincipalType': 'AWS_ACCOUNT'|'AWS_SERVICE',
        'Principal': 'string'
    }
}

Response Structure

  • (dict) --

    • AuthorizedPrincipal (dict) --

      Information about the Amazon Web Services account or service that was provided access to the domain.

      • PrincipalType (string) --

        The type of principal.

      • Principal (string) --

        The IAM principal that is allowed access to the domain.

CreateVpcEndpoint (new) Link ¶

Creates an Amazon OpenSearch Service-managed VPC endpoint.

See also: AWS API Documentation

Request Syntax

client.create_vpc_endpoint(
    DomainArn='string',
    VpcOptions={
        'SubnetIds': [
            'string',
        ],
        'SecurityGroupIds': [
            'string',
        ]
    },
    ClientToken='string'
)
type DomainArn

string

param DomainArn

[REQUIRED]

The Amazon Resource Name (ARN) of the domain to grant access to.

type VpcOptions

dict

param VpcOptions

[REQUIRED]

Options to specify the subnets and security groups for the endpoint.

  • SubnetIds (list) --

    A list of subnet IDs associated with the VPC endpoints for the domain. If your domain uses multiple Availability Zones, you need to provide two subnet IDs, one per zone. Otherwise, provide only one.

    • (string) --

  • SecurityGroupIds (list) --

    The list of security group IDs associated with the VPC endpoints for the domain. If you do not provide a security group ID, OpenSearch Service uses the default security group for the VPC.

    • (string) --

type ClientToken

string

param ClientToken

Unique, case-sensitive identifier to ensure idempotency of the request.

rtype

dict

returns

Response Syntax

{
    'VpcEndpoint': {
        'VpcEndpointId': 'string',
        'VpcEndpointOwner': 'string',
        'DomainArn': 'string',
        'VpcOptions': {
            'VPCId': 'string',
            'SubnetIds': [
                'string',
            ],
            'AvailabilityZones': [
                'string',
            ],
            'SecurityGroupIds': [
                'string',
            ]
        },
        'Status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'UPDATING'|'UPDATE_FAILED'|'DELETING'|'DELETE_FAILED',
        'Endpoint': 'string'
    }
}

Response Structure

  • (dict) --

    • VpcEndpoint (dict) --

      Information about the newly created VPC endpoint.

      • VpcEndpointId (string) --

        The unique identifier of the endpoint.

      • VpcEndpointOwner (string) --

        The creator of the endpoint.

      • DomainArn (string) --

        The Amazon Resource Name (ARN) of the domain associated with the endpoint.

      • VpcOptions (dict) --

        Options to specify the subnets and security groups for an Amazon OpenSearch Service VPC endpoint.

        • VPCId (string) --

          The ID for your VPC. Amazon VPC generates this value when you create a VPC.

        • SubnetIds (list) --

          A list of subnet IDs associated with the VPC endpoints for the domain.

          • (string) --

        • AvailabilityZones (list) --

          The list of Availability Zones associated with the VPC subnets.

          • (string) --

        • SecurityGroupIds (list) --

          The list of security group IDs associated with the VPC endpoints for the domain.

          • (string) --

      • Status (string) --

        The current status of the endpoint.

      • Endpoint (string) --

        The connection endpoint ID for connecting to the domain.

DeleteVpcEndpoint (new) Link ¶

Deletes an Amazon OpenSearch Service-managed interface VPC endpoint.

See also: AWS API Documentation

Request Syntax

client.delete_vpc_endpoint(
    VpcEndpointId='string'
)
type VpcEndpointId

string

param VpcEndpointId

[REQUIRED]

The unique identifier of the endpoint.

rtype

dict

returns

Response Syntax

{
    'VpcEndpointSummary': {
        'VpcEndpointId': 'string',
        'VpcEndpointOwner': 'string',
        'DomainArn': 'string',
        'Status': 'CREATING'|'CREATE_FAILED'|'ACTIVE'|'UPDATING'|'UPDATE_FAILED'|'DELETING'|'DELETE_FAILED'
    }
}

Response Structure

  • (dict) --

    • VpcEndpointSummary (dict) --

      Information about the deleted endpoint, including its current status (DELETING or DELETE_FAILED ).

      • VpcEndpointId (string) --

        The unique identifier of the endpoint.

      • VpcEndpointOwner (string) --

        The creator of the endpoint.

      • DomainArn (string) --

        The Amazon Resource Name (ARN) of the domain associated with the endpoint.

      • Status (string) --

        The current status of the endpoint.