Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. opensearchserverless
  5. SecurityPolicy

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
pulumi/pulumi-aws-native

aws-native.opensearchserverless.SecurityPolicy

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
pulumi/pulumi-aws-native

Amazon OpenSearchServerless security policy resource

Example Usage

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var testSecurityPolicy = new AwsNative.OpenSearchServerless.SecurityPolicy("testSecurityPolicy", new()
    {
        Name = "logs-encryption-policy",
        Type = AwsNative.OpenSearchServerless.SecurityPolicyType.Encryption,
        Description = "Encryption policy for test collections",
        Policy = "{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}],\"AWSOwnedKey\":true}",
    });

});
Copy
package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := opensearchserverless.NewSecurityPolicy(ctx, "testSecurityPolicy", &opensearchserverless.SecurityPolicyArgs{
			Name:        pulumi.String("logs-encryption-policy"),
			Type:        opensearchserverless.SecurityPolicyTypeEncryption,
			Description: pulumi.String("Encryption policy for test collections"),
			Policy:      pulumi.String("{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}],\"AWSOwnedKey\":true}"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const testSecurityPolicy = new aws_native.opensearchserverless.SecurityPolicy("testSecurityPolicy", {
    name: "logs-encryption-policy",
    type: aws_native.opensearchserverless.SecurityPolicyType.Encryption,
    description: "Encryption policy for test collections",
    policy: "{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}],\"AWSOwnedKey\":true}",
});
Copy
import pulumi
import pulumi_aws_native as aws_native

test_security_policy = aws_native.opensearchserverless.SecurityPolicy("testSecurityPolicy",
    name="logs-encryption-policy",
    type=aws_native.opensearchserverless.SecurityPolicyType.ENCRYPTION,
    description="Encryption policy for test collections",
    policy="{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}],\"AWSOwnedKey\":true}")
Copy

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var testSecurityPolicy = new AwsNative.OpenSearchServerless.SecurityPolicy("testSecurityPolicy", new()
    {
        Name = "logs-encryption-policy",
        Type = AwsNative.OpenSearchServerless.SecurityPolicyType.Encryption,
        Description = "Encryption policy for test collections",
        Policy = "{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}],\"AWSOwnedKey\":true}",
    });

});
Copy
package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := opensearchserverless.NewSecurityPolicy(ctx, "testSecurityPolicy", &opensearchserverless.SecurityPolicyArgs{
			Name:        pulumi.String("logs-encryption-policy"),
			Type:        opensearchserverless.SecurityPolicyTypeEncryption,
			Description: pulumi.String("Encryption policy for test collections"),
			Policy:      pulumi.String("{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}],\"AWSOwnedKey\":true}"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const testSecurityPolicy = new aws_native.opensearchserverless.SecurityPolicy("testSecurityPolicy", {
    name: "logs-encryption-policy",
    type: aws_native.opensearchserverless.SecurityPolicyType.Encryption,
    description: "Encryption policy for test collections",
    policy: "{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}],\"AWSOwnedKey\":true}",
});
Copy
import pulumi
import pulumi_aws_native as aws_native

test_security_policy = aws_native.opensearchserverless.SecurityPolicy("testSecurityPolicy",
    name="logs-encryption-policy",
    type=aws_native.opensearchserverless.SecurityPolicyType.ENCRYPTION,
    description="Encryption policy for test collections",
    policy="{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}],\"AWSOwnedKey\":true}")
Copy

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var securityPolicy = new AwsNative.OpenSearchServerless.SecurityPolicy("securityPolicy", new()
    {
        Name = "logs-network-policy",
        Type = AwsNative.OpenSearchServerless.SecurityPolicyType.Network,
        Description = "Network policy for test collections",
        Policy = "[{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}, {\"ResourceType\":\"dashboard\",\"Resource\":[\"collection/logs*\"]}],\"AllowFromPublic\":true}]",
    });

});
Copy
package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := opensearchserverless.NewSecurityPolicy(ctx, "securityPolicy", &opensearchserverless.SecurityPolicyArgs{
			Name:        pulumi.String("logs-network-policy"),
			Type:        opensearchserverless.SecurityPolicyTypeNetwork,
			Description: pulumi.String("Network policy for test collections"),
			Policy:      pulumi.String("[{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}, {\"ResourceType\":\"dashboard\",\"Resource\":[\"collection/logs*\"]}],\"AllowFromPublic\":true}]"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const securityPolicy = new aws_native.opensearchserverless.SecurityPolicy("securityPolicy", {
    name: "logs-network-policy",
    type: aws_native.opensearchserverless.SecurityPolicyType.Network,
    description: "Network policy for test collections",
    policy: "[{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}, {\"ResourceType\":\"dashboard\",\"Resource\":[\"collection/logs*\"]}],\"AllowFromPublic\":true}]",
});
Copy
import pulumi
import pulumi_aws_native as aws_native

security_policy = aws_native.opensearchserverless.SecurityPolicy("securityPolicy",
    name="logs-network-policy",
    type=aws_native.opensearchserverless.SecurityPolicyType.NETWORK,
    description="Network policy for test collections",
    policy="[{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}, {\"ResourceType\":\"dashboard\",\"Resource\":[\"collection/logs*\"]}],\"AllowFromPublic\":true}]")
Copy

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var securityPolicy = new AwsNative.OpenSearchServerless.SecurityPolicy("securityPolicy", new()
    {
        Name = "logs-network-policy",
        Type = AwsNative.OpenSearchServerless.SecurityPolicyType.Network,
        Description = "Network policy for test collections",
        Policy = "[{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}, {\"ResourceType\":\"dashboard\",\"Resource\":[\"collection/logs*\"]}],\"AllowFromPublic\":true}]",
    });

});
Copy
package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := opensearchserverless.NewSecurityPolicy(ctx, "securityPolicy", &opensearchserverless.SecurityPolicyArgs{
			Name:        pulumi.String("logs-network-policy"),
			Type:        opensearchserverless.SecurityPolicyTypeNetwork,
			Description: pulumi.String("Network policy for test collections"),
			Policy:      pulumi.String("[{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}, {\"ResourceType\":\"dashboard\",\"Resource\":[\"collection/logs*\"]}],\"AllowFromPublic\":true}]"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const securityPolicy = new aws_native.opensearchserverless.SecurityPolicy("securityPolicy", {
    name: "logs-network-policy",
    type: aws_native.opensearchserverless.SecurityPolicyType.Network,
    description: "Network policy for test collections",
    policy: "[{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}, {\"ResourceType\":\"dashboard\",\"Resource\":[\"collection/logs*\"]}],\"AllowFromPublic\":true}]",
});
Copy
import pulumi
import pulumi_aws_native as aws_native

security_policy = aws_native.opensearchserverless.SecurityPolicy("securityPolicy",
    name="logs-network-policy",
    type=aws_native.opensearchserverless.SecurityPolicyType.NETWORK,
    description="Network policy for test collections",
    policy="[{\"Rules\":[{\"ResourceType\":\"collection\",\"Resource\":[\"collection/logs*\"]}, {\"ResourceType\":\"dashboard\",\"Resource\":[\"collection/logs*\"]}],\"AllowFromPublic\":true}]")
Copy

Coming soon!

Create SecurityPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SecurityPolicy(name: string, args: SecurityPolicyArgs, opts?: CustomResourceOptions);
@overload
def SecurityPolicy(resource_name: str,
                   args: SecurityPolicyArgs,
                   opts: Optional[ResourceOptions] = None)

@overload
def SecurityPolicy(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   policy: Optional[str] = None,
                   type: Optional[SecurityPolicyType] = None,
                   description: Optional[str] = None,
                   name: Optional[str] = None)
func NewSecurityPolicy(ctx *Context, name string, args SecurityPolicyArgs, opts ...ResourceOption) (*SecurityPolicy, error)
public SecurityPolicy(string name, SecurityPolicyArgs args, CustomResourceOptions? opts = null)
public SecurityPolicy(String name, SecurityPolicyArgs args)
public SecurityPolicy(String name, SecurityPolicyArgs args, CustomResourceOptions options)

type: aws-native:opensearchserverless:SecurityPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. SecurityPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. SecurityPolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. SecurityPolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. SecurityPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. SecurityPolicyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

SecurityPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SecurityPolicy resource accepts the following input properties:

Policy This property is required. string
The JSON policy document that is the content for the policy
Type This property is required. Pulumi.AwsNative.OpenSearchServerless.SecurityPolicyType
The type of security policy. Can be either encryption or network .
Description string
The description of the policy
Name string
The name of the policy
Policy This property is required. string
The JSON policy document that is the content for the policy
Type This property is required. SecurityPolicyType
The type of security policy. Can be either encryption or network .
Description string
The description of the policy
Name string
The name of the policy
policy This property is required. String
The JSON policy document that is the content for the policy
type This property is required. SecurityPolicyType
The type of security policy. Can be either encryption or network .
description String
The description of the policy
name String
The name of the policy
policy This property is required. string
The JSON policy document that is the content for the policy
type This property is required. SecurityPolicyType
The type of security policy. Can be either encryption or network .
description string
The description of the policy
name string
The name of the policy
policy This property is required. str
The JSON policy document that is the content for the policy
type This property is required. SecurityPolicyType
The type of security policy. Can be either encryption or network .
description str
The description of the policy
name str
The name of the policy
policy This property is required. String
The JSON policy document that is the content for the policy
type This property is required. "encryption" | "network"
The type of security policy. Can be either encryption or network .
description String
The description of the policy
name String
The name of the policy

Outputs

All input properties are implicitly available as output properties. Additionally, the SecurityPolicy resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Supporting Types

SecurityPolicyType
, SecurityPolicyTypeArgs

Encryption
encryption
Network
network
SecurityPolicyTypeEncryption
encryption
SecurityPolicyTypeNetwork
network
Encryption
encryption
Network
network
Encryption
encryption
Network
network
ENCRYPTION
encryption
NETWORK
network
"encryption"
encryption
"network"
network

Package Details

Repository
AWS Native pulumi/pulumi-aws-native
License
Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
pulumi/pulumi-aws-native