Domain
opensearchservice.services.k8s.aws/v1alpha1
| Type | Link |
|---|---|
| GoDoc | opensearchservice-controller/apis/v1alpha1#Domain |
Metadata
| Property | Value |
|---|---|
| Scope | Namespaced |
| Kind | Domain |
| ListKind | DomainList |
| Plural | domains |
| Singular | domain |
Spec
accessPolicies: string
advancedOptions: {}
advancedSecurityOptions:
anonymousAuthEnabled: boolean
enabled: boolean
internalUserDatabaseEnabled: boolean
jwtOptions:
enabled: boolean
publicKey: string
rolesKey: string
subjectKey: string
masterUserOptions:
masterUserARN: string
masterUserName: string
masterUserPassword:
key: string
name: string
namespace: string
sAMLOptions:
enabled: boolean
idp:
entityID: string
metadataContent: string
masterBackendRole: string
masterUserName: string
rolesKey: string
sessionTimeoutMinutes: integer
subjectKey: string
aimlOptions:
naturalLanguageQueryGenerationOptions:
desiredState: string
autoTuneOptions:
desiredState: string
maintenanceSchedules:
- cronExpressionForRecurrence: string
duration:
unit: string
value: integer
startAt: string
useOffPeakWindow: boolean
clusterConfig:
coldStorageOptions:
enabled: boolean
dedicatedMasterCount: integer
dedicatedMasterEnabled: boolean
dedicatedMasterType: string
instanceCount: integer
instanceType: string
multiAZWithStandbyEnabled: boolean
warmCount: integer
warmEnabled: boolean
warmType: string
zoneAwarenessConfig:
availabilityZoneCount: integer
zoneAwarenessEnabled: boolean
cognitoOptions:
enabled: boolean
identityPoolID: string
roleARN: string
userPoolID: string
domainEndpointOptions:
customEndpoint: string
customEndpointCertificateARN: string
customEndpointEnabled: boolean
enforceHTTPS: boolean
tlsSecurityPolicy: string
ebsOptions:
ebsEnabled: boolean
iops: integer
throughput: integer
volumeSize: integer
volumeType: string
encryptionAtRestOptions:
enabled: boolean
kmsKeyID: string
engineVersion: string
ipAddressType: string
logPublishingOptions: {}
name: string
nodeToNodeEncryptionOptions:
enabled: boolean
offPeakWindowOptions:
enabled: boolean
offPeakWindow:
windowStartTime:
hours: integer
minutes: integer
softwareUpdateOptions:
autoSoftwareUpdateEnabled: boolean
tags:
- key: string
value: string
vpcOptions:
securityGroupIDs:
- string
subnetIDs:
- string
| Field | Description |
|---|---|
| accessPolicies Optional | string Identity and Access Management (IAM) policy document specifying the access policies for the new domain. |
| advancedOptions Optional | object Key-value pairs to specify advanced configuration options. The following key-value pairs are supported: * “rest.action.multi.allow_explicit_index”: “true” |
| advancedSecurityOptions Optional | object Options for fine-grained access control. |
| advancedSecurityOptions.anonymousAuthEnabled Optional | boolean |
| advancedSecurityOptions.enabled Optional | boolean |
| advancedSecurityOptions.internalUserDatabaseEnabled Optional | boolean |
| advancedSecurityOptions.jwtOptions Optional | object The JWT authentication and authorization configuration for an Amazon OpenSearch Service domain. |
| advancedSecurityOptions.jwtOptions.enabled Optional | boolean |
| advancedSecurityOptions.jwtOptions.publicKey Optional | string |
| advancedSecurityOptions.jwtOptions.rolesKey Optional | string |
| advancedSecurityOptions.jwtOptions.subjectKey Optional | string |
| advancedSecurityOptions.masterUserOptions Optional | object Credentials for the master user for a domain. |
| advancedSecurityOptions.masterUserOptions.masterUserARN Optional | string The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using Amazon Web Services Identity and Access Management for more information. |
| advancedSecurityOptions.masterUserOptions.masterUserName Optional | string |
| advancedSecurityOptions.masterUserOptions.masterUserPassword Optional | object SecretKeyReference combines a k8s corev1.SecretReference with a specific key within the referred-to Secret |
| advancedSecurityOptions.masterUserOptions.masterUserPassword.key Required | string Key is the key within the secret |
| advancedSecurityOptions.masterUserOptions.masterUserPassword.name Optional | string name is unique within a namespace to reference a secret resource. |
| advancedSecurityOptions.masterUserOptions.masterUserPassword.namespace Optional | string namespace defines the space within which the secret name must be unique. |
| advancedSecurityOptions.sAMLOptions Optional | object The SAML authentication configuration for an Amazon OpenSearch Service domain. |
| advancedSecurityOptions.sAMLOptions.enabled Optional | boolean |
| advancedSecurityOptions.sAMLOptions.idp Optional | object The SAML identity povider information. |
| advancedSecurityOptions.sAMLOptions.idp.entityID Optional | string |
| advancedSecurityOptions.sAMLOptions.idp.metadataContent Optional | string |
| advancedSecurityOptions.sAMLOptions.masterBackendRole Optional | string |
| advancedSecurityOptions.sAMLOptions.masterUserName Optional | string |
| advancedSecurityOptions.sAMLOptions.rolesKey Optional | string |
| advancedSecurityOptions.sAMLOptions.sessionTimeoutMinutes Optional | integer |
| advancedSecurityOptions.sAMLOptions.subjectKey Optional | string |
| aimlOptions Optional | object Options for all machine learning features for the specified domain. |
| aimlOptions.naturalLanguageQueryGenerationOptions Optional | object Container for parameters required to enable the natural language query generation feature. |
| aimlOptions.naturalLanguageQueryGenerationOptions.desiredState Optional | string |
| autoTuneOptions Optional | object Options for Auto-Tune. |
| autoTuneOptions.desiredState Optional | string The Auto-Tune desired state. Valid values are ENABLED and DISABLED. |
| autoTuneOptions.maintenanceSchedules Optional | array |
| autoTuneOptions.maintenanceSchedules.[] Required | object This object is deprecated. Use the domain’s off-peak window (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html) |
| to schedule Auto-Tune optimizations. For migration instructions, see Migrating | |
| from Auto-Tune maintenance windows (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html#off-peak-migrate). |
The Auto-Tune maintenance schedule. For more information, see Auto-Tune for
Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html). || autoTuneOptions.maintenanceSchedules.[].cronExpressionForRecurrence
Optional | string
|
| autoTuneOptions.maintenanceSchedules.[].duration
Optional | object
The duration of a maintenance schedule. For more information, see Auto-Tune
for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html). |
| autoTuneOptions.maintenanceSchedules.[].duration.unit
Optional | string
The unit of a maintenance schedule duration. Valid value is HOUR. |
| autoTuneOptions.maintenanceSchedules.[].duration.value
Optional | integer
Integer that specifies the value of a maintenance schedule duration. |
| autoTuneOptions.maintenanceSchedules.[].startAt
Optional | string
|
| autoTuneOptions.useOffPeakWindow
Optional | boolean
|
| clusterConfig
Optional | object
Container for the cluster configuration of a domain. |
| clusterConfig.coldStorageOptions
Optional | object
Container for the parameters required to enable cold storage for an OpenSearch
Service domain. For more information, see Cold storage for Amazon OpenSearch
Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cold-storage.html). |
| clusterConfig.coldStorageOptions.enabled
Optional | boolean
|
| clusterConfig.dedicatedMasterCount
Optional | integer
|
| clusterConfig.dedicatedMasterEnabled
Optional | boolean
|
| clusterConfig.dedicatedMasterType
Optional | string
|
| clusterConfig.instanceCount
Optional | integer
|
| clusterConfig.instanceType
Optional | string
|
| clusterConfig.multiAZWithStandbyEnabled
Optional | boolean
|
| clusterConfig.warmCount
Optional | integer
|
| clusterConfig.warmEnabled
Optional | boolean
|
| clusterConfig.warmType
Optional | string
|
| clusterConfig.zoneAwarenessConfig
Optional | object
The zone awareness configuration for an Amazon OpenSearch Service domain. |
| clusterConfig.zoneAwarenessConfig.availabilityZoneCount
Optional | integer
|
| clusterConfig.zoneAwarenessEnabled
Optional | boolean
|
| cognitoOptions
Optional | object
Key-value pairs to configure Amazon Cognito authentication. For more information,
see Configuring Amazon Cognito authentication for OpenSearch Dashboards (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html). |
| cognitoOptions.enabled
Optional | boolean
|
| cognitoOptions.identityPoolID
Optional | string
|
| cognitoOptions.roleARN
Optional | string
|
| cognitoOptions.userPoolID
Optional | string
|
| domainEndpointOptions
Optional | object
Additional options for the domain endpoint, such as whether to require HTTPS
for all traffic. |
| domainEndpointOptions.customEndpoint
Optional | string
|
| domainEndpointOptions.customEndpointCertificateARN
Optional | string
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities
(https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using Amazon
Web Services Identity and Access Management for more information. |
| domainEndpointOptions.customEndpointEnabled
Optional | boolean
|
| domainEndpointOptions.enforceHTTPS
Optional | boolean
|
| domainEndpointOptions.tlsSecurityPolicy
Optional | string
|
| ebsOptions
Optional | object
Container for the parameters required to enable EBS-based storage for an
OpenSearch Service domain. |
| ebsOptions.ebsEnabled
Optional | boolean
|
| ebsOptions.iops
Optional | integer
|
| ebsOptions.throughput
Optional | integer
|
| ebsOptions.volumeSize
Optional | integer
|
| ebsOptions.volumeType
Optional | string
The type of EBS volume that a domain uses. For more information, see Configuring
EBS-based storage (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs). |
| encryptionAtRestOptions
Optional | object
Key-value pairs to enable encryption at rest. |
| encryptionAtRestOptions.enabled
Optional | boolean
|
| encryptionAtRestOptions.kmsKeyID
Optional | string
|
| engineVersion
Optional | string
String of format Elasticsearch_X.Y or OpenSearch_X.Y to specify the engine
version for the OpenSearch Service domain. For example, OpenSearch_1.0 or
Elasticsearch_7.9. For more information, see Creating and managing Amazon
OpenSearch Service domains (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains). |
| ipAddressType
Optional | string
Specify either dual stack or IPv4 as your IP address type. Dual stack allows
you to share domain resources across IPv4 and IPv6 address types, and is
the recommended option. If you set your IP address type to dual stack, you
can’t change your address type later. |
| logPublishingOptions
Optional | object
Key-value pairs to configure log publishing. |
| name
Required | string
Name of the OpenSearch Service domain to create. Domain names are unique
across the domains owned by an account within an Amazon Web Services Region. |
| nodeToNodeEncryptionOptions
Optional | object
Enables node-to-node encryption. |
| nodeToNodeEncryptionOptions.enabled
Optional | boolean
|
| offPeakWindowOptions
Optional | object
Specifies a daily 10-hour time block during which OpenSearch Service can
perform configuration changes on the domain, including service software updates
and Auto-Tune enhancements that require a blue/green deployment. If no options
are specified, the default start time of 10:00 P.M. local time (for the Region
that the domain is created in) is used. |
| offPeakWindowOptions.enabled
Optional | boolean
|
| offPeakWindowOptions.offPeakWindow
Optional | object
A custom 10-hour, low-traffic window during which OpenSearch Service can
perform mandatory configuration changes on the domain. These actions can
include scheduled service software updates and blue/green Auto-Tune enhancements.
OpenSearch Service will schedule these actions during the window that you
specify.
If you don’t specify a window start time, it defaults to 10:00 P.M. local
time.
For more information, see Defining off-peak maintenance windows for Amazon
OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html). |
| offPeakWindowOptions.offPeakWindow.windowStartTime
Optional | object
The desired start time for an off-peak maintenance window (https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_OffPeakWindow.html). |
| offPeakWindowOptions.offPeakWindow.windowStartTime.hours
Optional | integer
|
| offPeakWindowOptions.offPeakWindow.windowStartTime.minutes
Optional | integer
|
| softwareUpdateOptions
Optional | object
Software update options for the domain. |
| softwareUpdateOptions.autoSoftwareUpdateEnabled
Optional | boolean
|
| tags
Optional | array
List of tags to add to the domain upon creation. |
| tags.[]
Required | object
A tag (key-value pair) for an Amazon OpenSearch Service resource. || tags.[].key
Optional | string
A string between 1 to 128 characters that specifies the key for a tag. Tag
keys must be unique for the domain to which they’re attached. |
| tags.[].value
Optional | string
A string between 0 to 256 characters that specifies the value for a tag.
Tag values can be null and don’t have to be unique in a tag set. |
| vpcOptions
Optional | object
Container for the values required to configure VPC access domains. If you
don’t specify these values, OpenSearch Service creates the domain with a
public endpoint. For more information, see Launching your Amazon OpenSearch
Service domains using a VPC (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html). |
| vpcOptions.securityGroupIDs
Optional | array
|
| vpcOptions.securityGroupIDs.[]
Required | string
|| vpcOptions.subnetIDs
Optional | array
|
| vpcOptions.subnetIDs.[]
Required | string
|
Status
ackResourceMetadata:
arn: string
ownerAccountID: string
region: string
changeProgressDetails:
changeID: string
configChangeStatus: string
initiatedBy: string
lastUpdatedTime: string
message: string
startTime: string
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
created: boolean
deleted: boolean
domainEndpointV2HostedZoneID: string
domainID: string
domainProcessingStatus: string
endpoint: string
endpointV2: string
endpoints: {}
modifyingProperties:
- activeValue: string
name: string
pendingValue: string
valueType: string
processing: boolean
serviceSoftwareOptions:
automatedUpdateDate: string
cancellable: boolean
currentVersion: string
description: string
newVersion: string
optionalDeployment: boolean
updateAvailable: boolean
updateStatus: string
snapshotOptions:
automatedSnapshotStartHour: integer
upgradeProcessing: boolean
| Field | Description |
|---|---|
| ackResourceMetadata Optional | object All CRs managed by ACK have a common Status.ACKResourceMetadata memberthat is used to contain resource sync state, account ownership, constructed ARN for the resource |
| ackResourceMetadata.arn Optional | string ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an “adopted” resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR’s Spec field values. https://github.com/aws/aws-controllers-k8s/issues/270 |
| ackResourceMetadata.ownerAccountID Required | string OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource. |
| ackResourceMetadata.region Required | string Region is the AWS region in which the resource exists or will exist. |
| changeProgressDetails Optional | object Information about a configuration change happening on the domain. |
| changeProgressDetails.changeID Optional | string |
| changeProgressDetails.configChangeStatus Optional | string |
| changeProgressDetails.initiatedBy Optional | string |
| changeProgressDetails.lastUpdatedTime Optional | string |
| changeProgressDetails.message Optional | string |
| changeProgressDetails.startTime Optional | string |
| conditions Optional | array All CRS managed by ACK have a common Status.Conditions member thatcontains a collection of ackv1alpha1.Condition objects that describethe various terminal states of the CR and its backend AWS service API resource |
| conditions.[] Required | object Condition is the common struct used by all CRDs managed by ACK service |
| controllers to indicate terminal states of the CR and its backend AWS | |
| service API resource | |
| conditions.[].message Optional | string A human readable message indicating details about the transition. |
| conditions.[].reason Optional | string The reason for the condition’s last transition. |
| conditions.[].status Optional | string Status of the condition, one of True, False, Unknown. |
| conditions.[].type Optional | string Type is the type of the Condition |
| created Optional | boolean Creation status of an OpenSearch Service domain. True if domain creation is complete. False if domain creation is still in progress. |
| deleted Optional | boolean Deletion status of an OpenSearch Service domain. True if domain deletion is complete. False if domain deletion is still in progress. Once deletion is complete, the status of the domain is no longer returned. |
| domainEndpointV2HostedZoneID Optional | string The dual stack hosted zone ID for the domain. |
| domainID Optional | string Unique identifier for the domain. |
| domainProcessingStatus Optional | string The status of any changes that are currently in progress for the domain. |
| endpoint Optional | string Domain-specific endpoint used to submit index, search, and data upload requests to the domain. |
| endpointV2 Optional | string If IPAddressType to set to dualstack, a version 2 domain endpoint is provisioned. This endpoint functions like a normal endpoint, except that it works with both IPv4 and IPv6 IP addresses. Normal endpoints work only with IPv4 IP addresses. |
| endpoints Optional | object The key-value pair that exists if the OpenSearch Service domain uses VPC endpoints. For example: * IPv4 IP addresses - ‘vpc’,‘vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com’ * Dual stack IP addresses - ‘vpcv2’:‘vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.aos.us-east-1.on.aws’ |
| modifyingProperties Optional | array Information about the domain properties that are currently being modified. |
| modifyingProperties.[] Required | object Information about the domain properties that are currently being modified. |
| modifyingProperties.[].name Optional | string |
| modifyingProperties.[].pendingValue Optional | string |
| modifyingProperties.[].valueType Optional | string |
| processing Optional | boolean The status of the domain configuration. True if OpenSearch Service is processing configuration changes. False if the configuration is active. |
| serviceSoftwareOptions Optional | object The current status of the domain’s service software. |
| serviceSoftwareOptions.automatedUpdateDate Optional | string |
| serviceSoftwareOptions.cancellable Optional | boolean |
| serviceSoftwareOptions.currentVersion Optional | string |
| serviceSoftwareOptions.description Optional | string |
| serviceSoftwareOptions.newVersion Optional | string |
| serviceSoftwareOptions.optionalDeployment Optional | boolean |
| serviceSoftwareOptions.updateAvailable Optional | boolean |
| serviceSoftwareOptions.updateStatus Optional | string |
| snapshotOptions Optional | object DEPRECATED. Container for parameters required to configure automated snapshots of domain indexes. |
| snapshotOptions.automatedSnapshotStartHour Optional | integer |
| upgradeProcessing Optional | boolean The status of a domain version upgrade to a new version of OpenSearch or Elasticsearch. True if OpenSearch Service is in the process of a version upgrade. False if the configuration is active. |