Try Spotterobtain information about one or more OpenSearch or ElasticSearch domain
| "added in version" 4.0.0 of community.aws"
Authors: Sebastien Rosset (@sebastien-rosset)
Install with ansible-galaxy collection install community.aws:==5.1.0
collections:
- name: community.aws
version: 5.1.0Obtain information about one Amazon OpenSearch Service domain.
- name: Get information about an OpenSearch domain instance
community.aws.opensearch_info:
domain-name: my-search-cluster
register: new_cluster_info
- name: Get all OpenSearch instances community.aws.opensearch_info:
- name: Get all OpenSearch instances that have the specified Key, Value tags
community.aws.opensearch_info:
tags:
Applications: search
Environment: Development
tags:
description:
- 'A dict of tags that are used to filter OpenSearch domains that match all tag key,
value pairs.
'
required: false
type: dict
region:
aliases:
- aws_region
- ec2_region
description:
- The AWS region to use.
- For global services such as IAM, Route53 and CloudFront, I(region) is ignored.
- The C(AWS_REGION) or C(EC2_REGION) environment variables may also be used.
- See the Amazon AWS documentation for more information U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region).
- The C(ec2_region) alias has been deprecated and will be removed in a release after
2024-12-01
- Support for the C(EC2_REGION) environment variable has been deprecated and will
be removed in a release after 2024-12-01.
type: str
profile:
aliases:
- aws_profile
description:
- A named AWS profile to use for authentication.
- See the AWS documentation for more information about named profiles U(https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html).
- The C(AWS_PROFILE) environment variable may also be used.
- The I(profile) option is mutually exclusive with the I(aws_access_key), I(aws_secret_key)
and I(security_token) options.
type: str
access_key:
aliases:
- aws_access_key_id
- aws_access_key
- ec2_access_key
description:
- AWS access key ID.
- See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
- The C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY) or C(EC2_ACCESS_KEY) environment variables
may also be used in decreasing order of preference.
- The I(aws_access_key) and I(profile) options are mutually exclusive.
- The I(aws_access_key_id) alias was added in release 5.1.0 for consistency with the
AWS botocore SDK.
- The I(ec2_access_key) alias has been deprecated and will be removed in a release
after 2024-12-01.
- Support for the C(EC2_ACCESS_KEY) environment variable has been deprecated and will
be removed in a release after 2024-12-01.
type: str
aws_config:
description:
- A dictionary to modify the botocore configuration.
- Parameters can be found in the AWS documentation U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config).
type: dict
secret_key:
aliases:
- aws_secret_access_key
- aws_secret_key
- ec2_secret_key
description:
- AWS secret access key.
- See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
- The C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY), or C(EC2_SECRET_KEY) environment
variables may also be used in decreasing order of preference.
- The I(secret_key) and I(profile) options are mutually exclusive.
- The I(aws_secret_access_key) alias was added in release 5.1.0 for consistency with
the AWS botocore SDK.
- The I(ec2_secret_key) alias has been deprecated and will be removed in a release
after 2024-12-01.
- Support for the C(EC2_SECRET_KEY) environment variable has been deprecated and will
be removed in a release after 2024-12-01.
type: str
domain_name:
description:
- The name of the Amazon OpenSearch/ElasticSearch Service domain.
required: false
type: str
endpoint_url:
aliases:
- ec2_url
- aws_endpoint_url
- s3_url
description:
- URL to connect to instead of the default AWS endpoints. While this can be used
to connection to other AWS-compatible services the amazon.aws and community.aws
collections are only tested against AWS.
- The C(AWS_URL) or C(EC2_URL) environment variables may also be used, in decreasing
order of preference.
- The I(ec2_url) and I(s3_url) aliases have been deprecated and will be removed in
a release after 2024-12-01.
- Support for the C(EC2_URL) environment variable has been deprecated and will be
removed in a release after 2024-12-01.
type: str
aws_ca_bundle:
description:
- The location of a CA Bundle to use when validating SSL certificates.
- The C(AWS_CA_BUNDLE) environment variable may also be used.
type: path
session_token:
aliases:
- aws_session_token
- security_token
- aws_security_token
- access_token
description:
- AWS STS session token for use with temporary credentials.
- See the AWS documentation for more information about access tokens U(https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html#access-keys-and-secret-access-keys).
- The C(AWS_SESSION_TOKEN), C(AWS_SECURITY_TOKEN) or C(EC2_SECURITY_TOKEN) environment
variables may also be used in decreasing order of preference.
- The I(security_token) and I(profile) options are mutually exclusive.
- Aliases I(aws_session_token) and I(session_token) were added in release 3.2.0, with
the parameter being renamed from I(security_token) to I(session_token) in release
6.0.0.
- The I(security_token), I(aws_security_token), and I(access_token) aliases have been
deprecated and will be removed in a release after 2024-12-01.
- Support for the C(EC2_SECRET_KEY) and C(AWS_SECURITY_TOKEN) environment variables
has been deprecated and will be removed in a release after 2024-12-01.
type: str
validate_certs:
default: true
description:
- When set to C(false), SSL certificates will not be validated for communication with
the AWS APIs.
- Setting I(validate_certs=false) is strongly discouraged, as an alternative, consider
setting I(aws_ca_bundle) instead.
type: bool
debug_botocore_endpoint_logs:
default: false
description:
- Use a C(botocore.endpoint) logger to parse the unique (rather than total) C("resource:action")
API calls made during a task, outputing the set to the resource_actions key in the
task results. Use the C(aws_resource_action) callback to output to total list made
during a playbook.
- The C(ANSIBLE_DEBUG_BOTOCORE_LOGS) environment variable may also be used.
type: bool
instances:
contains:
domain_config:
contains:
domain_name:
description: The name of the OpenSearch domain.
returned: always
type: str
description: The OpenSearch domain configuration
returned: always
type: complex
domain_status:
contains:
access_policies:
description:
- IAM access policy as a JSON-formatted string.
type: complex
advanced_security_options:
contains:
enabled:
description:
- True if advanced security is enabled.
- You must enable node-to-node encryption to use advanced security options.
type: bool
internal_user_database_enabled:
description:
- True if the internal user database is enabled.
type: bool
master_user_options:
contains:
master_user_arn:
description:
- ARN for the master user (if IAM is enabled).
type: str
master_user_name:
description:
- The username of the master user, which is stored in the Amazon
OpenSearch Service domain internal database.
type: str
master_user_password:
description:
- The password of the master user, which is stored in the Amazon
OpenSearch Service domain internal database.
type: str
description:
- Credentials for the master user, username and password, ARN, or both.
type: complex
saml_options:
contains:
enabled:
description:
- True if SAML is enabled.
type: bool
idp:
contains:
entity_id:
description:
- The unique entity ID of the application in SAML identity provider.
type: str
metadata_content:
description:
- The metadata of the SAML application in XML format.
type: str
description:
- The SAML Identity Provider's information.
type: complex
master_backend_role:
description:
- The backend role that the SAML master user is mapped to.
type: str
master_user_name:
description:
- The SAML master username, which is stored in the Amazon OpenSearch
Service domain internal database.
type: str
roles_key:
description:
- Element of the SAML assertion to use for backend roles. Default
is roles.
type: str
session_timeout_minutes:
description:
- 'The duration, in minutes, after which a user session becomes
inactive. Acceptable values are between 1 and 1440, and the default
value is 60.
'
type: int
subject_key:
description:
- Element of the SAML assertion to use for username. Default is
NameID.
type: str
description:
- The SAML application configuration for the domain.
type: complex
description:
- Specifies advanced security options.
type: complex
arn:
description: The ARN of the OpenSearch domain.
returned: always
type: str
auto_tune_options:
contains:
desired_state:
description:
- The Auto-Tune desired state. Valid values are ENABLED and DISABLED.
type: str
maintenance_schedules:
contains:
cron_expression_for_recurrence:
description:
- A cron expression for a recurring maintenance schedule.
type: str
duration:
contains:
unit:
description:
- The unit of a maintenance schedule duration. Valid value is
HOURS.
type: str
value:
description:
- Integer to specify the value of a maintenance schedule duration.
type: int
description:
- Specifies maintenance schedule duration, duration value and duration
unit.
type: complex
start_at:
description:
- The timestamp at which the Auto-Tune maintenance schedule starts.
type: str
description:
- A list of maintenance schedules.
elements: dict
type: list
description:
- Specifies Auto-Tune options.
type: complex
cluster_config:
contains:
availability_zone_count:
description:
- 'An integer value to indicate the number of availability zones for
a domain when zone awareness is enabled. This should be equal to number
of subnets if VPC endpoints is enabled.
'
type: int
cold_storage_options:
contains:
enabled:
description:
- True to enable cold storage. Supported on Elasticsearch 7.9 or
above.
type: bool
description:
- Specifies the ColdStorageOptions config for a Domain.
type: complex
dedicated_master_count:
description:
- Total number of dedicated master nodes, active and on standby, for
the domain.
type: int
dedicated_master_enabled:
description:
- A boolean value to indicate whether a dedicated master node is enabled.
type: bool
dedicated_master_type:
description:
- The instance type for a dedicated master node.
type: str
instance_count:
description:
- Number of instances for the domain.
type: int
instance_type:
description:
- Type of the instances to use for the domain.
type: str
warm_count:
description:
- The number of UltraWarm nodes in the domain.
type: int
warm_enabled:
description:
- True to enable UltraWarm storage.
type: bool
warm_type:
description:
- The instance type for the OpenSearch domain's warm nodes.
type: str
zone_awareness:
description:
- A boolean value to indicate whether zone awareness is enabled.
type: bool
zone_awareness_config:
contains:
availability_zone_count:
description:
- An integer value to indicate the number of availability zones
for a domain when zone awareness is enabled.
type: int
description:
- The zone awareness configuration for a domain when zone awareness
is enabled.
type: complex
zone_awareness_enabled:
description:
- A boolean value to indicate whether zone awareness is enabled.
type: bool
description:
- Parameters for the cluster configuration of an OpenSearch Service domain.
type: complex
cognito_options:
contains:
enabled:
description:
- The option to enable Cognito for OpenSearch Dashboards authentication.
type: bool
identity_pool_id:
description:
- The Cognito identity pool ID for OpenSearch Dashboards authentication.
type: str
role_arn:
description:
- The role ARN that provides OpenSearch permissions for accessing Cognito
resources.
type: str
user_pool_id:
description:
- The Cognito user pool ID for OpenSearch Dashboards authentication.
type: str
description:
- Parameters to configure OpenSearch Service to use Amazon Cognito authentication
for OpenSearch Dashboards.
type: complex
created:
description:
- 'The domain creation status. True if the creation of a domain is complete.
False if domain creation is still in progress.
'
returned: always
type: bool
deleted:
description:
- 'The domain deletion status. True if a delete request has been received
for the domain but resource cleanup is still in progress. False if the
domain has not been deleted. Once domain deletion is complete, the status
of the domain is no longer returned.
'
returned: always
type: bool
domain_endpoint_options:
contains:
custom_endpoint:
description:
- The fully qualified domain for your custom endpoint.
type: str
custom_endpoint_certificate_arn:
description:
- The ACM certificate ARN for your custom endpoint.
type: str
custom_endpoint_enabled:
description:
- Whether to enable a custom endpoint for the domain.
type: bool
enforce_https:
description:
- Whether only HTTPS endpoint should be enabled for the domain.
type: bool
tls_security_policy:
description:
- Specify the TLS security policy to apply to the HTTPS endpoint of
the domain.
type: str
description:
- Options to specify configuration that will be applied to the domain endpoint.
type: complex
domain_id:
description: The unique identifier for the OpenSearch domain.
returned: always
type: str
domain_name:
description: The name of the OpenSearch domain.
returned: always
type: str
ebs_options:
contains:
ebs_enabled:
description:
- Specifies whether EBS-based storage is enabled.
type: bool
iops:
description:
- The IOPD for a Provisioned IOPS EBS volume (SSD).
type: int
volume_size:
description:
- Integer to specify the size of an EBS volume.
type: int
volume_type:
description:
- Specifies the volume type for EBS-based storage. "standard"|"gp2"|"io1"
type: str
description:
- Parameters to configure EBS-based storage for an OpenSearch Service domain.
type: complex
encryption_at_rest_options:
contains:
enabled:
description:
- Should data be encrypted while at rest.
type: bool
kms_key_id:
description:
- If encryption at rest enabled, this identifies the encryption key
to use.
- The value should be a KMS key ARN. It can also be the KMS key id.
type: str
description:
- Parameters to enable encryption at rest.
type: complex
endpoint:
description: The domain endpoint that you use to submit index and search
requests.
returned: always
type: str
endpoints:
description:
- 'Map containing the domain endpoints used to submit index and search requests.
'
- 'When you create a domain attached to a VPC domain, this propery contains
the DNS endpoint to which service requests are submitted.
'
- 'If you query the opensearch_info immediately after creating the OpenSearch
cluster, the VPC endpoint may not be returned. It may take several minutes
until the endpoints is available.
'
type: dict
engine_version:
description: The version of the OpenSearch domain.
returned: always
sample: OpenSearch_1.1
type: str
node_to_node_encryption_options:
contains:
enabled:
description:
- True to enable node-to-node encryption.
type: bool
description:
- Node-to-node encryption options.
type: complex
processing:
description:
- 'The status of the domain configuration. True if Amazon OpenSearch Service
is processing configuration changes. False if the configuration is active.
'
returned: always
type: bool
snapshot_options:
contains:
automated_snapshot_start_hour:
description:
- 'Integer value from 0 to 23 specifying when the service takes a daily
automated snapshot of the specified Elasticsearch domain.
'
type: int
description:
- Option to set time, in UTC format, of the daily automated snapshot.
type: complex
upgrade_processing:
description: true if a domain upgrade operation is in progress.
returned: always
type: bool
vpc_options:
contains:
availability_zones:
description:
- The Availability Zones for the domain..
elements: str
type: list
security_group_ids:
description:
- Specifies the security group ids for VPC endpoint.
elements: str
type: list
subnet_ids:
description:
- Specifies the subnet ids for VPC endpoint.
elements: str
type: list
vpc_id:
description: The VPC ID for the domain.
type: str
description:
- Options to specify the subnets and security groups for a VPC endpoint.
type: complex
description: The current status of the OpenSearch domain.
returned: always
type: complex
description: List of OpenSearch domain instances
returned: always
type: complex