access_policies
Creates, updates, deletes or gets an access_policy resource or lists access_policies in a region
Overview
| Name | access_policies |
| Type | Resource |
| Description | Amazon OpenSearchServerless access policy resource |
| Id | awscc.opensearchserverless.access_policies |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
name | string | The name of the policy |
type | string | The possible types for the access policy |
description | string | The description of the policy |
policy | string | The JSON policy document that is the content for the policy |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
name | string | The name of the policy |
type | string | The possible types for the access policy |
region | string | AWS region. |
For more information, see AWS::OpenSearchServerless::AccessPolicy.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | access_policies | INSERT | Type, Name, Policy, region |
delete_resource | access_policies | DELETE | Identifier, region |
update_resource | access_policies | UPDATE | Identifier, PatchDocument, region |
list_resources | access_policies_list_only | SELECT | region |
get_resource | access_policies | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual access_policy.
SELECT
region,
name,
type,
description,
policy
FROM awscc.opensearchserverless.access_policies
WHERE
region = 'us-east-1' AND
Identifier = '{{ type }}|{{ name }}';
Lists all access_policies in a region.
SELECT
region,
type,
name
FROM awscc.opensearchserverless.access_policies_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new access_policy resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.opensearchserverless.access_policies (
Name,
Type,
Policy,
region
)
SELECT
'{{ name }}',
'{{ type }}',
'{{ policy }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.opensearchserverless.access_policies (
Name,
Type,
Description,
Policy,
region
)
SELECT
'{{ name }}',
'{{ type }}',
'{{ description }}',
'{{ policy }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: access_policy
props:
- name: name
value: '{{ name }}'
- name: type
value: '{{ type }}'
- name: description
value: '{{ description }}'
- name: policy
value: '{{ policy }}'
UPDATE example
Use the following StackQL query and manifest file to update a access_policy resource, using stack-deploy.
/*+ update */
UPDATE awscc.opensearchserverless.access_policies
SET PatchDocument = string('{{ {
"Description": description,
"Policy": policy
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ type }}|{{ name }}';
DELETE example
/*+ delete */
DELETE FROM awscc.opensearchserverless.access_policies
WHERE
Identifier = '{{ type }}|{{ name }}' AND
region = 'us-east-1';
Permissions
To operate on the access_policies resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
aoss:CreateAccessPolicy,
aoss:GetAccessPolicy
aoss:GetAccessPolicy
aoss:UpdateAccessPolicy,
aoss:GetAccessPolicy
aoss:DeleteAccessPolicy,
aoss:GetAccessPolicy
aoss:ListAccessPolicies