2022/11/29 - OpenSearch Service Serverless - 31 new api methods
Changes Publish SDK for Amazon OpenSearch Serverless
Specifies a security configuration for OpenSearch Serverless. For more information, see SAML authentication for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.create_security_config(
clientToken='string',
description='string',
name='string',
samlOptions={
'groupAttribute': 'string',
'metadata': 'string',
'sessionTimeout': 123,
'userAttribute': 'string'
},
type='saml'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
A description of the security configuration.
string
[REQUIRED]
The name of the security configuration.
dict
Describes SAML options in in the form of a key-value map.
groupAttribute (string) --
The group attribute for this SAML integration.
metadata (string) -- [REQUIRED]
The XML IdP metadata file generated from your identity provider.
sessionTimeout (integer) --
The session timeout, in minutes. Minimum is 15 minutes and maximum is 1440 minutes (24 hours or 1 day). Default is 60 minutes.
userAttribute (string) --
A user attribute for this SAML integration.
string
[REQUIRED]
The type of security configuration.
dict
Response Syntax
{
'securityConfigDetail': {
'configVersion': 'string',
'createdDate': 123,
'description': 'string',
'id': 'string',
'lastModifiedDate': 123,
'samlOptions': {
'groupAttribute': 'string',
'metadata': 'string',
'sessionTimeout': 123,
'userAttribute': 'string'
},
'type': 'saml'
}
}
Response Structure
(dict) --
securityConfigDetail (dict) --
Details about the created security configuration.
configVersion (string) --
The version of the security configuration.
createdDate (integer) --
The date the configuration was created.
description (string) --
The description of the security configuration.
id (string) --
The unique identifier of the security configuration.
lastModifiedDate (integer) --
The timestamp of when the configuration was last modified.
samlOptions (dict) --
SAML options for the security configuration in the form of a key-value map.
groupAttribute (string) --
The group attribute for this SAML integration.
metadata (string) --
The XML IdP metadata file generated from your identity provider.
sessionTimeout (integer) --
The session timeout, in minutes. Minimum is 15 minutes and maximum is 1440 minutes (24 hours or 1 day). Default is 60 minutes.
userAttribute (string) --
A user attribute for this SAML integration.
type (string) --
The type of security configuration.
Creates a security policy to be used by one or more OpenSearch Serverless collections. Security policies provide access to a collection and its OpenSearch Dashboards endpoint from public networks or specific VPC endpoints. They also allow you to secure a collection with a KMS encryption key. For more information, see Network access for Amazon OpenSearch Serverless and Encryption at rest for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.create_security_policy(
clientToken='string',
description='string',
name='string',
policy='string',
type='encryption'|'network'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
A description of the policy. Typically used to store information about the permissions defined in the policy.
string
[REQUIRED]
The name of the policy.
string
[REQUIRED]
The JSON policy document to use as the content for the new policy.
string
[REQUIRED]
The type of security policy.
dict
Response Syntax
{
'securityPolicyDetail': {
'createdDate': 123,
'description': 'string',
'lastModifiedDate': 123,
'name': 'string',
'policy': {},
'policyVersion': 'string',
'type': 'encryption'|'network'
}
}
Response Structure
(dict) --
securityPolicyDetail (dict) --
Details about the created security policy.
createdDate (integer) --
The date the policy was created.
description (string) --
The description of the security policy.
lastModifiedDate (integer) --
The timestamp of when the policy was last modified.
name (string) --
The name of the policy.
policy (dict) --
The JSON policy document without any whitespaces.
policyVersion (string) --
The version of the policy.
type (string) --
The type of security policy.
Updates an OpenSearch Serverless collection.
See also: AWS API Documentation
Request Syntax
client.update_collection(
clientToken='string',
description='string',
id='string'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
A description of the collection.
string
[REQUIRED]
The unique identifier of the collection.
dict
Response Syntax
{
'updateCollectionDetail': {
'arn': 'string',
'createdDate': 123,
'description': 'string',
'id': 'string',
'lastModifiedDate': 123,
'name': 'string',
'status': 'CREATING'|'DELETING'|'ACTIVE'|'FAILED',
'type': 'SEARCH'|'TIMESERIES'
}
}
Response Structure
(dict) --
updateCollectionDetail (dict) --
Details about the updated collection.
arn (string) --
The Amazon Resource Name (ARN) of the collection.
createdDate (integer) --
The date and time when the collection was created.
description (string) --
The description of the collection.
id (string) --
The unique identifier of the collection.
lastModifiedDate (integer) --
The date and time when the collection was last modified.
name (string) --
The name of the collection.
status (string) --
The current status of the collection.
type (string) --
The collection type.
Returns attributes for one or more collections, including the collection endpoint and the OpenSearch Dashboards endpoint. For more information, see Creating and managing Amazon OpenSearch Serverless collections .
See also: AWS API Documentation
Request Syntax
client.batch_get_collection(
ids=[
'string',
],
names=[
'string',
]
)
list
A list of collection IDs. You can't provide names and IDs in the same request. The ID is part of the collection endpoint. You can also retrieve it using the ListCollections API.
(string) --
list
A list of collection names. You can't provide names and IDs in the same request.
(string) --
dict
Response Syntax
{
'collectionDetails': [
{
'arn': 'string',
'collectionEndpoint': 'string',
'createdDate': 123,
'dashboardEndpoint': 'string',
'description': 'string',
'id': 'string',
'kmsKeyArn': 'string',
'lastModifiedDate': 123,
'name': 'string',
'status': 'CREATING'|'DELETING'|'ACTIVE'|'FAILED',
'type': 'SEARCH'|'TIMESERIES'
},
],
'collectionErrorDetails': [
{
'errorCode': 'string',
'errorMessage': 'string',
'id': 'string',
'name': 'string'
},
]
}
Response Structure
(dict) --
collectionDetails (list) --
Details about each collection.
(dict) --
Details about each OpenSearch Serverless collection, including the collection endpoint and the OpenSearch Dashboards endpoint.
arn (string) --
The Amazon Resource Name (ARN) of the collection.
collectionEndpoint (string) --
Collection-specific endpoint used to submit index, search, and data upload requests to an OpenSearch Serverless collection.
createdDate (integer) --
The Epoch time when the collection was created.
dashboardEndpoint (string) --
Collection-specific endpoint used to access OpenSearch Dashboards.
description (string) --
A description of the collection.
id (string) --
A unique identifier for the collection.
kmsKeyArn (string) --
The ARN of the Amazon Web Services KMS key used to encrypt the collection.
lastModifiedDate (integer) --
The date and time when the collection was last modified.
name (string) --
The name of the collection.
status (string) --
The current status of the collection.
type (string) --
The type of collection.
collectionErrorDetails (list) --
Error information for the request.
(dict) --
Error information for an OpenSearch Serverless request.
errorCode (string) --
The error code for the request. For example, NOT_FOUND .
errorMessage (string) --
A description of the error. For example, The specified Collection is not found.
id (string) --
If the request contains collection IDs, the response includes the IDs provided in the request.
name (string) --
If the request contains collection names, the response includes the names provided in the request.
Creates a new OpenSearch Serverless collection. For more information, see Creating and managing Amazon OpenSearch Serverless collections .
See also: AWS API Documentation
Request Syntax
client.create_collection(
clientToken='string',
description='string',
name='string',
tags=[
{
'key': 'string',
'value': 'string'
},
],
type='SEARCH'|'TIMESERIES'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
Description of the collection.
string
[REQUIRED]
Name of the collection.
list
An arbitrary set of tags (key–value pairs) to associate with the OpenSearch Serverless collection.
(dict) --
A map of key-value pairs associated to an OpenSearch Serverless resource.
key (string) -- [REQUIRED]
The key to use in the tag.
value (string) -- [REQUIRED]
The value of the tag.
string
The type of collection.
dict
Response Syntax
{
'createCollectionDetail': {
'arn': 'string',
'createdDate': 123,
'description': 'string',
'id': 'string',
'kmsKeyArn': 'string',
'lastModifiedDate': 123,
'name': 'string',
'status': 'CREATING'|'DELETING'|'ACTIVE'|'FAILED',
'type': 'SEARCH'|'TIMESERIES'
}
}
Response Structure
(dict) --
createCollectionDetail (dict) --
Details about the collection.
arn (string) --
The Amazon Resource Name (ARN) of the collection.
createdDate (integer) --
The Epoch time when the collection was created.
description (string) --
A description of the collection.
id (string) --
The unique identifier of the collection.
kmsKeyArn (string) --
The Amazon Resource Name (ARN) of the KMS key with which to encrypt the collection.
lastModifiedDate (integer) --
The date and time when the collection was last modified.
name (string) --
The name of the collection.
status (string) --
The current status of the collection.
type (string) --
The type of collection.
Returns the tags for an OpenSearch Serverless resource. For more information, see Tagging Amazon OpenSearch Serverless collections .
See also: AWS API Documentation
Request Syntax
client.list_tags_for_resource(
resourceArn='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource. The resource must be active (not in the DELETING state), and must be owned by the account ID included in the request.
dict
Response Syntax
{
'tags': [
{
'key': 'string',
'value': 'string'
},
]
}
Response Structure
(dict) --
tags (list) --
The tags associated with the resource.
(dict) --
A map of key-value pairs associated to an OpenSearch Serverless resource.
key (string) --
The key to use in the tag.
value (string) --
The value of the tag.
Deletes an OpenSearch Serverless-managed interface endpoint. For more information, see Access Amazon OpenSearch Serverless using an interface endpoint .
See also: AWS API Documentation
Request Syntax
client.delete_vpc_endpoint(
clientToken='string',
id='string'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The VPC endpoint identifier.
dict
Response Syntax
{
'deleteVpcEndpointDetail': {
'id': 'string',
'name': 'string',
'status': 'PENDING'|'DELETING'|'ACTIVE'|'FAILED'
}
}
Response Structure
(dict) --
deleteVpcEndpointDetail (dict) --
Details about the deleted endpoint.
id (string) --
The unique identifier of the endpoint.
name (string) --
The name of the endpoint.
status (string) --
The current status of the endpoint deletion process.
Returns information about a list of OpenSearch Serverless access policies.
See also: AWS API Documentation
Request Syntax
client.list_access_policies(
maxResults=123,
nextToken='string',
resource=[
'string',
],
type='data'
)
integer
An optional parameter that specifies the maximum number of results to return. You can use nextToken to get the next page of results. The default is 20.
string
If your initial ListAccessPolicies operation returns a nextToken , you can include the returned nextToken in subsequent ListAccessPolicies operations, which returns results in the next page.
list
Resource filters (can be collection or indexes) that policies can apply to.
(string) --
string
[REQUIRED]
The type of access policy.
dict
Response Syntax
{
'accessPolicySummaries': [
{
'createdDate': 123,
'description': 'string',
'lastModifiedDate': 123,
'name': 'string',
'policyVersion': 'string',
'type': 'data'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
accessPolicySummaries (list) --
Details about the requested access policies.
(dict) --
A summary of the data access policy.
createdDate (integer) --
The Epoch time when the access policy was created.
description (string) --
The description of the access policy.
lastModifiedDate (integer) --
The date and time when the collection was last modified.
name (string) --
The name of the access policy.
policyVersion (string) --
The version of the policy.
type (string) --
The type of access policy. Currently the only available type is data .
nextToken (string) --
When nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Associates tags with an OpenSearch Serverless resource. For more information, see Tagging Amazon OpenSearch Serverless collections .
See also: AWS API Documentation
Request Syntax
client.tag_resource(
resourceArn='string',
tags=[
{
'key': 'string',
'value': 'string'
},
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource. The resource must be active (not in the DELETING state), and must be owned by the account ID included in the request.
list
[REQUIRED]
A list of tags (key-value pairs) to add to the resource. All tag keys in the request must be unique.
(dict) --
A map of key-value pairs associated to an OpenSearch Serverless resource.
key (string) -- [REQUIRED]
The key to use in the tag.
value (string) -- [REQUIRED]
The value of the tag.
dict
Response Syntax
{}
Response Structure
(dict) --
Updates an OpenSearch Serverless security policy. For more information, see Network access for Amazon OpenSearch Serverless and Encryption at rest for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.update_security_policy(
clientToken='string',
description='string',
name='string',
policy='string',
policyVersion='string',
type='encryption'|'network'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
A description of the policy. Typically used to store information about the permissions defined in the policy.
string
[REQUIRED]
The name of the policy.
string
The JSON policy document to use as the content for the new policy.
string
[REQUIRED]
The version of the policy being updated.
string
[REQUIRED]
The type of access policy.
dict
Response Syntax
{
'securityPolicyDetail': {
'createdDate': 123,
'description': 'string',
'lastModifiedDate': 123,
'name': 'string',
'policy': {},
'policyVersion': 'string',
'type': 'encryption'|'network'
}
}
Response Structure
(dict) --
securityPolicyDetail (dict) --
Details about the updated security policy.
createdDate (integer) --
The date the policy was created.
description (string) --
The description of the security policy.
lastModifiedDate (integer) --
The timestamp of when the policy was last modified.
name (string) --
The name of the policy.
policy (dict) --
The JSON policy document without any whitespaces.
policyVersion (string) --
The version of the policy.
type (string) --
The type of security policy.
Removes a tag or set of tags from an OpenSearch Serverless resource. For more information, see Tagging Amazon OpenSearch Serverless collections .
See also: AWS API Documentation
Request Syntax
client.untag_resource(
resourceArn='string',
tagKeys=[
'string',
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource to remove tags from. The resource must be active (not in the DELETING state), and must be owned by the account ID included in the request.
list
[REQUIRED]
The tag or set of tags to remove from the resource. All tag keys in the request must be unique.
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Returns account-level settings related to OpenSearch Serverless.
See also: AWS API Documentation
Request Syntax
client.get_account_settings()
dict
Response Syntax
{
'accountSettingsDetail': {
'capacityLimits': {
'maxIndexingCapacityInOCU': 123,
'maxSearchCapacityInOCU': 123
}
}
}
Response Structure
(dict) --
accountSettingsDetail (dict) --
OpenSearch Serverless-related details for the current account.
capacityLimits (dict) --
The maximum capacity limits for all OpenSearch Serverless collections, in OpenSearch Compute Units (OCUs). These limits are used to scale your collections based on the current workload. For more information, see Autoscaling .
maxIndexingCapacityInOCU (integer) --
The maximum indexing capacity for collections.
maxSearchCapacityInOCU (integer) --
The maximum search capacity for collections.
Creates an OpenSearch Serverless-managed interface VPC endpoint. For more information, see Access Amazon OpenSearch Serverless using an interface endpoint .
See also: AWS API Documentation
Request Syntax
client.create_vpc_endpoint(
clientToken='string',
name='string',
securityGroupIds=[
'string',
],
subnetIds=[
'string',
],
vpcId='string'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The name of the interface endpoint.
list
The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.
(string) --
list
[REQUIRED]
The ID of one or more subnets from which you'll access OpenSearch Serverless.
(string) --
string
[REQUIRED]
The ID of the VPC from which you'll access OpenSearch Serverless.
dict
Response Syntax
{
'createVpcEndpointDetail': {
'id': 'string',
'name': 'string',
'status': 'PENDING'|'DELETING'|'ACTIVE'|'FAILED'
}
}
Response Structure
(dict) --
createVpcEndpointDetail (dict) --
Details about the created interface VPC endpoint.
id (string) --
The unique identifier of the endpoint.
name (string) --
The name of the endpoint.
status (string) --
The current status in the endpoint creation process.
Returns attributes for one or more VPC endpoints associated with the current account. For more information, see Access Amazon OpenSearch Serverless using an interface endpoint .
See also: AWS API Documentation
Request Syntax
client.batch_get_vpc_endpoint(
ids=[
'string',
]
)
list
[REQUIRED]
A list of VPC endpoint identifiers.
(string) --
dict
Response Syntax
{
'vpcEndpointDetails': [
{
'createdDate': 123,
'id': 'string',
'name': 'string',
'securityGroupIds': [
'string',
],
'status': 'PENDING'|'DELETING'|'ACTIVE'|'FAILED',
'subnetIds': [
'string',
],
'vpcId': 'string'
},
],
'vpcEndpointErrorDetails': [
{
'errorCode': 'string',
'errorMessage': 'string',
'id': 'string'
},
]
}
Response Structure
(dict) --
vpcEndpointDetails (list) --
Details about the specified VPC endpoint.
(dict) --
Details about an OpenSearch Serverless-managed interface endpoint.
createdDate (integer) --
The date the endpoint was created.
id (string) --
The unique identifier of the endpoint.
name (string) --
The name of the endpoint.
securityGroupIds (list) --
The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.
(string) --
status (string) --
The current status of the endpoint.
subnetIds (list) --
The ID of the subnets from which you access OpenSearch Serverless.
(string) --
vpcId (string) --
The ID of the VPC from which you access OpenSearch Serverless
vpcEndpointErrorDetails (list) --
Error information for a failed request.
(dict) --
Error information for a failed BatchGetVpcEndpoint request.
errorCode (string) --
The error code for the failed request.
errorMessage (string) --
An error message describing the reason for the failure.
id (string) --
The unique identifier of the VPC endpoint.
Deletes an OpenSearch Serverless security policy.
See also: AWS API Documentation
Request Syntax
client.delete_security_policy(
clientToken='string',
name='string',
type='encryption'|'network'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The name of the policy to delete.
string
[REQUIRED]
The type of policy.
dict
Response Syntax
{}
Response Structure
(dict) --
Returns information about an OpenSearch Serverless security configuration. For more information, see SAML authentication for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.get_security_config(
id='string'
)
string
[REQUIRED]
The unique identifier of the security configuration.
dict
Response Syntax
{
'securityConfigDetail': {
'configVersion': 'string',
'createdDate': 123,
'description': 'string',
'id': 'string',
'lastModifiedDate': 123,
'samlOptions': {
'groupAttribute': 'string',
'metadata': 'string',
'sessionTimeout': 123,
'userAttribute': 'string'
},
'type': 'saml'
}
}
Response Structure
(dict) --
securityConfigDetail (dict) --
Details of the requested security configuration.
configVersion (string) --
The version of the security configuration.
createdDate (integer) --
The date the configuration was created.
description (string) --
The description of the security configuration.
id (string) --
The unique identifier of the security configuration.
lastModifiedDate (integer) --
The timestamp of when the configuration was last modified.
samlOptions (dict) --
SAML options for the security configuration in the form of a key-value map.
groupAttribute (string) --
The group attribute for this SAML integration.
metadata (string) --
The XML IdP metadata file generated from your identity provider.
sessionTimeout (integer) --
The session timeout, in minutes. Minimum is 15 minutes and maximum is 1440 minutes (24 hours or 1 day). Default is 60 minutes.
userAttribute (string) --
A user attribute for this SAML integration.
type (string) --
The type of security configuration.
Returns an OpenSearch Serverless access policy. For more information, see Data access control for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.get_access_policy(
name='string',
type='data'
)
string
[REQUIRED]
The name of the access policy.
string
[REQUIRED]
Tye type of policy. Currently the only supported value is data .
dict
Response Syntax
{
'accessPolicyDetail': {
'createdDate': 123,
'description': 'string',
'lastModifiedDate': 123,
'name': 'string',
'policy': {},
'policyVersion': 'string',
'type': 'data'
}
}
Response Structure
(dict) --
accessPolicyDetail (dict) --
Details about the requested access policy.
createdDate (integer) --
The date the policy was created.
description (string) --
The description of the policy.
lastModifiedDate (integer) --
The timestamp of when the policy was last modified.
name (string) --
The name of the policy.
policy (dict) --
The JSON policy document without any whitespaces.
policyVersion (string) --
The version of the policy.
type (string) --
The type of access policy.
Returns information about configured OpenSearch Serverless security configurations. For more information, see SAML authentication for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.list_security_configs(
maxResults=123,
nextToken='string',
type='saml'
)
integer
An optional parameter that specifies the maximum number of results to return. You can use nextToken to get the next page of results. The default is 20.
string
If your initial ListSecurityConfigs operation returns a nextToken , you can include the returned nextToken in subsequent ListSecurityConfigs operations, which returns results in the next page.
string
[REQUIRED]
The type of security configuration.
dict
Response Syntax
{
'nextToken': 'string',
'securityConfigSummaries': [
{
'configVersion': 'string',
'createdDate': 123,
'description': 'string',
'id': 'string',
'lastModifiedDate': 123,
'type': 'saml'
},
]
}
Response Structure
(dict) --
nextToken (string) --
When nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
securityConfigSummaries (list) --
Details about the security configurations in your account.
(dict) --
A summary of a security configuration for OpenSearch Serverless.
configVersion (string) --
The version of the security configuration.
createdDate (integer) --
The Epoch time when the security configuration was created.
description (string) --
The description of the security configuration.
id (string) --
The unique identifier of the security configuration.
lastModifiedDate (integer) --
The timestamp of when the configuration was last modified.
type (string) --
The type of security configuration.
Updates an OpenSearch Serverless access policy. For more information, see Data access control for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.update_access_policy(
clientToken='string',
description='string',
name='string',
policy='string',
policyVersion='string',
type='data'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
A description of the policy. Typically used to store information about the permissions defined in the policy.
string
[REQUIRED]
The name of the policy.
string
The JSON policy document to use as the content for the policy.
string
[REQUIRED]
The version of the policy being updated.
string
[REQUIRED]
The type of policy.
dict
Response Syntax
{
'accessPolicyDetail': {
'createdDate': 123,
'description': 'string',
'lastModifiedDate': 123,
'name': 'string',
'policy': {},
'policyVersion': 'string',
'type': 'data'
}
}
Response Structure
(dict) --
accessPolicyDetail (dict) --
Details about the updated access policy.
createdDate (integer) --
The date the policy was created.
description (string) --
The description of the policy.
lastModifiedDate (integer) --
The timestamp of when the policy was last modified.
name (string) --
The name of the policy.
policy (dict) --
The JSON policy document without any whitespaces.
policyVersion (string) --
The version of the policy.
type (string) --
The type of access policy.
Returns statistical information about your OpenSearch Serverless access policies, security configurations, and security policies.
See also: AWS API Documentation
Request Syntax
client.get_policies_stats()
dict
Response Syntax
{
'AccessPolicyStats': {
'DataPolicyCount': 123
},
'SecurityConfigStats': {
'SamlConfigCount': 123
},
'SecurityPolicyStats': {
'EncryptionPolicyCount': 123,
'NetworkPolicyCount': 123
},
'TotalPolicyCount': 123
}
Response Structure
(dict) --
AccessPolicyStats (dict) --
Information about the data access policies in your account.
DataPolicyCount (integer) --
The number of data access policies in the current account.
SecurityConfigStats (dict) --
Information about the security configurations in your account.
SamlConfigCount (integer) --
The number of security configurations in the current account.
SecurityPolicyStats (dict) --
Information about the security policies in your account.
EncryptionPolicyCount (integer) --
The number of encryption policies in the current account.
NetworkPolicyCount (integer) --
The number of network policies in the current account.
TotalPolicyCount (integer) --
The total number of OpenSearch Serverless security policies and configurations in your account.
Deletes a security configuration for OpenSearch Serverless. For more information, see SAML authentication for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.delete_security_config(
clientToken='string',
id='string'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The security configuration identifier. For SAML the ID will be saml/<accountId>/<idpProviderName> . For example, saml/123456789123/OKTADev .
dict
Response Syntax
{}
Response Structure
(dict) --
Returns information about a configured OpenSearch Serverless security policy. For more information, see Network access for Amazon OpenSearch Serverless and Encryption at rest for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.get_security_policy(
name='string',
type='encryption'|'network'
)
string
[REQUIRED]
The name of the security policy.
string
[REQUIRED]
The type of security policy.
dict
Response Syntax
{
'securityPolicyDetail': {
'createdDate': 123,
'description': 'string',
'lastModifiedDate': 123,
'name': 'string',
'policy': {},
'policyVersion': 'string',
'type': 'encryption'|'network'
}
}
Response Structure
(dict) --
securityPolicyDetail (dict) --
Details about the requested security policy.
createdDate (integer) --
The date the policy was created.
description (string) --
The description of the security policy.
lastModifiedDate (integer) --
The timestamp of when the policy was last modified.
name (string) --
The name of the policy.
policy (dict) --
The JSON policy document without any whitespaces.
policyVersion (string) --
The version of the policy.
type (string) --
The type of security policy.
Updates an OpenSearch Serverless-managed interface endpoint. For more information, see Access Amazon OpenSearch Serverless using an interface endpoint .
See also: AWS API Documentation
Request Syntax
client.update_vpc_endpoint(
addSecurityGroupIds=[
'string',
],
addSubnetIds=[
'string',
],
clientToken='string',
id='string',
removeSecurityGroupIds=[
'string',
],
removeSubnetIds=[
'string',
]
)
list
The unique identifiers of the security groups to add to the endpoint. Security groups define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.
(string) --
list
The ID of one or more subnets to add to the endpoint.
(string) --
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The unique identifier of the interface endpoint to update.
list
The unique identifiers of the security groups to remove from the endpoint.
(string) --
list
The unique identifiers of the subnets to remove from the endpoint.
(string) --
dict
Response Syntax
{
'UpdateVpcEndpointDetail': {
'id': 'string',
'lastModifiedDate': 123,
'name': 'string',
'securityGroupIds': [
'string',
],
'status': 'PENDING'|'DELETING'|'ACTIVE'|'FAILED',
'subnetIds': [
'string',
]
}
}
Response Structure
(dict) --
UpdateVpcEndpointDetail (dict) --
Details about the updated VPC endpoint.
id (string) --
The unique identifier of the endpoint.
lastModifiedDate (integer) --
The timestamp of when the endpoint was last modified.
name (string) --
The name of the endpoint.
securityGroupIds (list) --
The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.
(string) --
status (string) --
The current status of the endpoint update process.
subnetIds (list) --
The ID of the subnets from which you access OpenSearch Serverless.
(string) --
Returns information about configured OpenSearch Serverless security policies.
See also: AWS API Documentation
Request Syntax
client.list_security_policies(
maxResults=123,
nextToken='string',
resource=[
'string',
],
type='encryption'|'network'
)
integer
An optional parameter that specifies the maximum number of results to return. You can use nextToken to get the next page of results. The default is 20.
string
If your initial ListSecurityPolicies operation returns a nextToken , you can include the returned nextToken in subsequent ListSecurityPolicies operations, which returns results in the next page.
list
Resource filters (can be collection or indexes) that policies can apply to.
(string) --
string
[REQUIRED]
The type of policy.
dict
Response Syntax
{
'nextToken': 'string',
'securityPolicySummaries': [
{
'createdDate': 123,
'description': 'string',
'lastModifiedDate': 123,
'name': 'string',
'policyVersion': 'string',
'type': 'encryption'|'network'
},
]
}
Response Structure
(dict) --
nextToken (string) --
When nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
securityPolicySummaries (list) --
Details about the security policies in your account.
(dict) --
A summary of a security policy for OpenSearch Serverless.
createdDate (integer) --
The date the policy was created.
description (string) --
The description of the security policy.
lastModifiedDate (integer) --
The timestamp of when the policy was last modified.
name (string) --
The name of the policy.
policyVersion (string) --
The version of the policy.
type (string) --
The type of security policy.
Returns the OpenSearch Serverless-managed interface VPC endpoints associated with the current account. For more information, see Access Amazon OpenSearch Serverless using an interface endpoint .
See also: AWS API Documentation
Request Syntax
client.list_vpc_endpoints(
maxResults=123,
nextToken='string',
vpcEndpointFilters={
'status': 'PENDING'|'DELETING'|'ACTIVE'|'FAILED'
}
)
integer
An optional parameter that specifies the maximum number of results to return. You can use nextToken to get the next page of results. The default is 20.
string
If your initial ListVpcEndpoints operation returns a nextToken , you can include the returned nextToken in subsequent ListVpcEndpoints operations, which returns results in the next page.
dict
Filter the results according to the current status of the VPC endpoint. Possible statuses are CREATING , DELETING , UPDATING , ACTIVE , and FAILED .
status (string) --
The current status of the endpoint.
dict
Response Syntax
{
'nextToken': 'string',
'vpcEndpointSummaries': [
{
'id': 'string',
'name': 'string',
'status': 'PENDING'|'DELETING'|'ACTIVE'|'FAILED'
},
]
}
Response Structure
(dict) --
nextToken (string) --
When nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
vpcEndpointSummaries (list) --
Details about each VPC endpoint, including the name and current status.
(dict) --
The VPC endpoint object.
id (string) --
The unique identifier of the endpoint.
name (string) --
The name of the endpoint.
status (string) --
The current status of the endpoint.
Updates a security configuration for OpenSearch Serverless. For more information, see SAML authentication for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.update_security_config(
clientToken='string',
configVersion='string',
description='string',
id='string',
samlOptions={
'groupAttribute': 'string',
'metadata': 'string',
'sessionTimeout': 123,
'userAttribute': 'string'
}
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The version of the security configuration to be updated. You can find the most recent version of a security configuration using the GetSecurityPolicy command.
string
A description of the security configuration.
string
[REQUIRED]
The security configuration identifier. For SAML the ID will be saml/<accountId>/<idpProviderName> . For example, saml/123456789123/OKTADev .
dict
SAML options in in the form of a key-value map.
groupAttribute (string) --
The group attribute for this SAML integration.
metadata (string) -- [REQUIRED]
The XML IdP metadata file generated from your identity provider.
sessionTimeout (integer) --
The session timeout, in minutes. Minimum is 15 minutes and maximum is 1440 minutes (24 hours or 1 day). Default is 60 minutes.
userAttribute (string) --
A user attribute for this SAML integration.
dict
Response Syntax
{
'securityConfigDetail': {
'configVersion': 'string',
'createdDate': 123,
'description': 'string',
'id': 'string',
'lastModifiedDate': 123,
'samlOptions': {
'groupAttribute': 'string',
'metadata': 'string',
'sessionTimeout': 123,
'userAttribute': 'string'
},
'type': 'saml'
}
}
Response Structure
(dict) --
securityConfigDetail (dict) --
Details about the updated security configuration.
configVersion (string) --
The version of the security configuration.
createdDate (integer) --
The date the configuration was created.
description (string) --
The description of the security configuration.
id (string) --
The unique identifier of the security configuration.
lastModifiedDate (integer) --
The timestamp of when the configuration was last modified.
samlOptions (dict) --
SAML options for the security configuration in the form of a key-value map.
groupAttribute (string) --
The group attribute for this SAML integration.
metadata (string) --
The XML IdP metadata file generated from your identity provider.
sessionTimeout (integer) --
The session timeout, in minutes. Minimum is 15 minutes and maximum is 1440 minutes (24 hours or 1 day). Default is 60 minutes.
userAttribute (string) --
A user attribute for this SAML integration.
type (string) --
The type of security configuration.
Update the OpenSearch Serverless settings for the current Amazon Web Services account. For more information, see Autoscaling .
See also: AWS API Documentation
Request Syntax
client.update_account_settings(
capacityLimits={
'maxIndexingCapacityInOCU': 123,
'maxSearchCapacityInOCU': 123
}
)
dict
The maximum capacity limits for all OpenSearch Serverless collections, in OpenSearch Compute Units (OCUs). These limits are used to scale your collections based on the current workload. For more information, see Autoscaling .
maxIndexingCapacityInOCU (integer) --
The maximum indexing capacity for collections.
maxSearchCapacityInOCU (integer) --
The maximum search capacity for collections.
dict
Response Syntax
{
'accountSettingsDetail': {
'capacityLimits': {
'maxIndexingCapacityInOCU': 123,
'maxSearchCapacityInOCU': 123
}
}
}
Response Structure
(dict) --
accountSettingsDetail (dict) --
OpenSearch Serverless-related settings for the current Amazon Web Services account.
capacityLimits (dict) --
The maximum capacity limits for all OpenSearch Serverless collections, in OpenSearch Compute Units (OCUs). These limits are used to scale your collections based on the current workload. For more information, see Autoscaling .
maxIndexingCapacityInOCU (integer) --
The maximum indexing capacity for collections.
maxSearchCapacityInOCU (integer) --
The maximum search capacity for collections.
Deletes an OpenSearch Serverless access policy. For more information, see Data access control for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.delete_access_policy(
clientToken='string',
name='string',
type='data'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The name of the policy to delete.
string
[REQUIRED]
The type of policy.
dict
Response Syntax
{}
Response Structure
(dict) --
Lists all OpenSearch Serverless collections. For more information, see Creating and managing Amazon OpenSearch Serverless collections .
Note
Make sure to include an empty request body {} if you don't include any collection filters in the request.
See also: AWS API Documentation
Request Syntax
client.list_collections(
collectionFilters={
'name': 'string',
'status': 'CREATING'|'DELETING'|'ACTIVE'|'FAILED'
},
maxResults=123,
nextToken='string'
)
dict
List of filter names and values that you can use for requests.
name (string) --
The name of the collection.
status (string) --
The current status of the collection.
integer
The maximum number of results to return. Default is 20. You can use nextToken to get the next page of results.
string
If your initial ListCollections operation returns a nextToken , you can include the returned nextToken in subsequent ListCollections operations, which returns results in the next page.
dict
Response Syntax
{
'collectionSummaries': [
{
'arn': 'string',
'id': 'string',
'name': 'string',
'status': 'CREATING'|'DELETING'|'ACTIVE'|'FAILED'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
collectionSummaries (list) --
Details about each collection.
(dict) --
Details about each OpenSearch Serverless collection.
arn (string) --
The Amazon Resource Name (ARN) of the collection.
id (string) --
The unique identifier of the collection.
name (string) --
The name of the collection.
status (string) --
The current status of the collection.
nextToken (string) --
When nextToken is returned, there are more results available. The value of nextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Creates a data access policy for OpenSearch Serverless. Access policies limit access to collections and the resources within them, and allow a user to access that data irrespective of the access mechanism or network source. For more information, see Data access control for Amazon OpenSearch Serverless .
See also: AWS API Documentation
Request Syntax
client.create_access_policy(
clientToken='string',
description='string',
name='string',
policy='string',
type='data'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
A description of the policy. Typically used to store information about the permissions defined in the policy.
string
[REQUIRED]
The name of the policy.
string
[REQUIRED]
The JSON policy document to use as the content for the policy.
string
[REQUIRED]
The type of policy.
dict
Response Syntax
{
'accessPolicyDetail': {
'createdDate': 123,
'description': 'string',
'lastModifiedDate': 123,
'name': 'string',
'policy': {},
'policyVersion': 'string',
'type': 'data'
}
}
Response Structure
(dict) --
accessPolicyDetail (dict) --
Details about the created access policy.
createdDate (integer) --
The date the policy was created.
description (string) --
The description of the policy.
lastModifiedDate (integer) --
The timestamp of when the policy was last modified.
name (string) --
The name of the policy.
policy (dict) --
The JSON policy document without any whitespaces.
policyVersion (string) --
The version of the policy.
type (string) --
The type of access policy.
Deletes an OpenSearch Serverless collection. For more information, see Creating and managing Amazon OpenSearch Serverless collections .
See also: AWS API Documentation
Request Syntax
client.delete_collection(
clientToken='string',
id='string'
)
string
A unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The unique identifier of the collection. For example, 1iu5usc406kd . The ID is part of the collection endpoint. You can also retrieve it using the ListCollections API.
dict
Response Syntax
{
'deleteCollectionDetail': {
'id': 'string',
'name': 'string',
'status': 'CREATING'|'DELETING'|'ACTIVE'|'FAILED'
}
}
Response Structure
(dict) --
deleteCollectionDetail (dict) --
Details of the deleted collection.
id (string) --
The unique identifier of the collection.
name (string) --
The name of the collection.
status (string) --
The current status of the collection.