AWS CloudFormation
User Guide (API 版本 2010-05-15)
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅 Amazon AWS 入门

AWS::Elasticsearch::Domain

AWS::Elasticsearch::Domain 资源可创建封装 Amazon ES 引擎实例的 Amazon Elasticsearch Service (Amazon ES) 域。有关更多信息,请参阅 Amazon Elasticsearch Service 开发人员指南 中的 CreateElasticsearchDomain

语法

要在 AWS CloudFormation 模板中声明此实体,请使用以下语法:

JSON

{ "Type" : "AWS::Elasticsearch::Domain", "Properties" : { "AccessPolicies" : JSON object, "AdvancedOptions" : { String:String, ... }, "DomainName" : String, "EBSOptions" : EBSOptions, "ElasticsearchClusterConfig" : ElasticsearchClusterConfig, "ElasticsearchVersion" : String, "SnapshotOptions" : SnapshotOptions, "Tags" : [ Resource Tag, ... ], "VPCOptions" : VPCOptions } }

YAML

Type: "AWS::Elasticsearch::Domain" Properties: AccessPolicies: JSON object AdvancedOptions: String: String DomainName: String EBSOptions: EBSOptions ElasticsearchClusterConfig: ElasticsearchClusterConfig ElasticsearchVersion: String SnapshotOptions: SnapshotOptions Tags: - Resource Tag VPCOptions: VPCOptions

属性

AccessPolicies

指定谁能访问 Amazon ES 域及其权限的 AWS Identity and Access Management (IAM) 策略文档。有关更多信息,请参阅 Amazon Elasticsearch Service 开发人员指南 中的配置访问策略

Required: No

Type: JSON object

更新要求无需中断

AdvancedOptions

要为 Amazon ES 域指定的其他选项。有关更多信息,请参阅 Amazon Elasticsearch Service 开发人员指南 中的配置高级选项

Required: No

Type: 一个包含字符串键/值对的 JSON 对象,例如:

{ "rest.action.multi.allow_explicit_index": "true" }

更新要求替换

DomainName

Amazon ES 域的名称。有关有效值的信息,请参阅 Amazon Elasticsearch Service 开发人员指南 中的 DomainName 数据类型。

如果不指定名称,则 AWS CloudFormation 生成一个唯一物理 ID 并将该 ID 用作域名称。有关更多信息,请参阅 名称类型

重要

如果指定一个名称,您将无法执行需要替换此资源的更新。您可以执行不需要或者只需要部分中断的更新。如果必须替换资源,请指定新名称。

Required: No

Type: String

更新要求替换

EBSOptions

附加到 Amazon ES 域中数据节点的 Amazon Elastic Block Store (Amazon EBS) 卷的配置。有关更多信息,请参阅 Amazon Elasticsearch Service 开发人员指南 中的配置基于 EBS 的存储

Required: No

Type: Amazon ES Domain EBSOptions

更新要求无需中断

ElasticsearchClusterConfig

Amazon ES 域的群集配置。您可以指定实例类型和实例数量等选项。有关更多信息,请参阅 Amazon Elasticsearch Service 开发人员指南 中的配置 Amazon ES 域

Required: No

Type: Amazon ES Domain ElasticsearchClusterConfig

更新要求无需中断

ElasticsearchVersion

要使用的 Elasticsearch 版本,例如 2.3。有关 Amazon ES 支持的版本的信息,请参阅 Amazon Elasticsearch Service 开发人员指南 中的 CreateElasticsearchDomain 操作的 Elasticsearch-Version 参数。

Required: No

Type: String

更新要求替换

SnapshotOptions

Amazon ES 域索引的自动快照配置。

Required: No

Type: Amazon ES Domain SnapshotOptions

更新要求无需中断

Tags

要与 Amazon ES 域关联的任意标签组(键/值对)。

Required: No

Type: AWS CloudFormation 资源标签

更新要求无需中断

VPCOptions

Amazon ES 域的 Virtual Private Cloud (VPC) 配置。有关更多信息,请参阅 Amazon Elasticsearch Service 开发人员指南 中的 Amazon Elasticsearch Service 域的 VPC 支持

必需:否

类型Amazon ES 域 VPCOptions

更新要求无需中断

返回值

Ref

当向 Ref 内部函数提供此资源的逻辑 ID 时,Ref 将返回此资源名称,如 mystack-elasticsea-abc1d2efg3h4

有关使用 Ref 功能的更多信息,请参阅参考

Fn::GetAtt

Fn::GetAtt 返回一个此类型指定属性的值。以下为可用属性和示例返回值。

DomainArn

域的 Amazon 资源名称 (ARN),如 arn:aws:es:us-west-2:123456789012:domain/mystack-elasti-1ab2cdefghij

DomainEndpoint

用于向 Amazon ES 域提交索引、搜索和数据上传请求的特定于域的终端节点,例如 search-mystack-elasti-1ab2cdefghij-ab1c2deckoyb3hofw7wpqa3cm.us-west-2.es.amazonaws.com

有关使用 Fn::GetAtt 的更多信息,请参见 Fn::GetAtt

示例

下面的示例创建包含两个数据节点和三个主节点的 Amazon ES 域。每天晚上 12 点到凌晨 1 点 (UTC) 之间创建索引的自动快照。此访问策略允许 IAM 用户 es-user 对域执行所有 Amazon ES 操作,如 es:UpdateElasticsearchDomainConfig

JSON

"ElasticsearchDomain": { "Type": "AWS::Elasticsearch::Domain", "Properties": { "DomainName": "test", "ElasticsearchClusterConfig": { "DedicatedMasterEnabled": "true", "InstanceCount": "2", "ZoneAwarenessEnabled": "true", "InstanceType": "m3.medium.elasticsearch", "DedicatedMasterType": "m3.medium.elasticsearch", "DedicatedMasterCount": "3" }, "EBSOptions": { "EBSEnabled": true, "Iops": 0, "VolumeSize": 20, "VolumeType": "gp2" }, "SnapshotOptions": { "AutomatedSnapshotStartHour": "0" }, "AccessPolicies": { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::123456789012:user/es-user" }, "Action": "es:*", "Resource": "arn:aws:es:us-east-1:123456789012:domain/test/*" }] }, "AdvancedOptions": { "rest.action.multi.allow_explicit_index": "true" } } }

YAML

ElasticsearchDomain: Type: "AWS::Elasticsearch::Domain" Properties: DomainName: "test" ElasticsearchClusterConfig: DedicatedMasterEnabled: "true" InstanceCount: "2" ZoneAwarenessEnabled: "true" InstanceType: "m3.medium.elasticsearch" DedicatedMasterType: "m3.medium.elasticsearch" DedicatedMasterCount: "3" EBSOptions: EBSEnabled: true Iops: 0 VolumeSize: 20 VolumeType: "gp2" SnapshotOptions: AutomatedSnapshotStartHour: "0" AccessPolicies: Version: "2012-10-17" Statement: - Effect: "Allow" Principal: AWS: "arn:aws:iam::123456789012:user/es-user" Action: "es:*" Resource: "arn:aws:es:us-east-1:846973539254:domain/test/*" AdvancedOptions: rest.action.multi.allow_explicit_index: "true"

以下示例使用 VPC 选项创建一个域。

JSON

{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "ElasticsearchDomain resource", "Parameters": { "DomainName" : { "Description" : "User defined Elasticsearch Domain name", "Type" : "String" }, "ElasticsearchVersion" : { "Description" : "User defined Elasticsearch Version", "Type" : "String" }, "InstanceType" : { "Type" : "String" }, "AvailabilityZone" : { "Type" : "String" }, "CidrBlock" : { "Type" : "String" }, "GroupDescription" : { "Type" : "String" }, "SGName" : { "Type" : "String" } }, "Resources": { "ElasticsearchDomain": { "Type": "AWS::Elasticsearch::Domain", "Properties": { "DomainName": { "Ref": "DomainName" }, "ElasticsearchVersion": { "Ref": "ElasticsearchVersion" }, "ElasticsearchClusterConfig": { "InstanceCount": "1", "InstanceType": { "Ref": "InstanceType" } }, "EBSOptions": { "EBSEnabled" : "true", "Iops" : 0, "VolumeSize" : 10, "VolumeType" : "standard" }, "SnapshotOptions": { "AutomatedSnapshotStartHour": "0" }, "AccessPolicies": { "Version": "2012-10-17", "Statement": [{ "Effect": "Deny", "Principal": { "AWS": "*" }, "Action": "es:*", "Resource": "*" }] }, "AdvancedOptions": { "rest.action.multi.allow_explicit_index": "true" }, "Tags": [{ "Key": "foo", "Value": "bar" }], "VPCOptions" : { "SubnetIds" : [ {"Ref" : "subnet"} ], "SecurityGroupIds" : [ {"Ref" : "mySecurityGroup"} ] } } }, "vpc" : { "Type" : "AWS::EC2::VPC", "Properties" : { "CidrBlock" : "10.0.0.0/16" } }, "subnet" : { "Type" : "AWS::EC2::Subnet", "Properties" : { "VpcId" : {"Ref": "vpc"}, "CidrBlock" : {"Ref" : "CidrBlock"}, "AvailabilityZone" : {"Ref" : "AvailabilityZone"} } }, "mySecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": {"Ref" : "GroupDescription"}, "VpcId" : {"Ref" : "vpc"}, "GroupName": {"Ref" : "SGName"}, "SecurityGroupIngress": [ { "FromPort": "443", "IpProtocol": "tcp", "ToPort": "443", "CidrIp": "0.0.0.0/0" } ] } } }, "Outputs": { "DomainArn": { "Value": { "Fn::GetAtt": ["ElasticsearchDomain", "DomainArn"] } }, "DomainEndpoint": { "Value": { "Fn::GetAtt": ["ElasticsearchDomain", "DomainEndpoint"] } }, "SecurityGroupId": { "Value": { "Ref": "mySecurityGroup" } }, "SubnetId": { "Value": { "Ref": "subnet" } } } }

YAML

AWSTemplateFormatVersion: 2010-09-09 Description: ElasticsearchDomain resource Parameters: DomainName: Description: User defined Elasticsearch Domain name Type: String ElasticsearchVersion: Description: User defined Elasticsearch Version Type: String InstanceType: Type: String AvailabilityZone: Type: String CidrBlock: Type: String GroupDescription: Type: String SGName: Type: String Resources: ElasticsearchDomain: Type: 'AWS::Elasticsearch::Domain' Properties: DomainName: !Ref DomainName ElasticsearchVersion: !Ref ElasticsearchVersion ElasticsearchClusterConfig: InstanceCount: '1' InstanceType: !Ref InstanceType EBSOptions: EBSEnabled: 'true' Iops: 0 VolumeSize: 10 VolumeType: standard SnapshotOptions: AutomatedSnapshotStartHour: '0' AccessPolicies: Version: 2012-10-17 Statement: - Effect: Deny Principal: AWS: '*' Action: 'es:*' Resource: '*' AdvancedOptions: rest.action.multi.allow_explicit_index: 'true' Tags: - Key: foo Value: bar VPCOptions: SubnetIds: - !Ref subnet SecurityGroupIds: - !Ref mySecurityGroup vpc: Type: 'AWS::EC2::VPC' Properties: CidrBlock: 10.0.0.0/16 subnet: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref vpc CidrBlock: !Ref CidrBlock AvailabilityZone: !Ref AvailabilityZone mySecurityGroup: Type: 'AWS::EC2::SecurityGroup' Properties: GroupDescription: !Ref GroupDescription VpcId: !Ref vpc GroupName: !Ref SGName SecurityGroupIngress: - FromPort: '443' IpProtocol: tcp ToPort: '443' CidrIp: 0.0.0.0/0 Outputs: DomainArn: Value: !GetAtt ElasticsearchDomain.DomainArn DomainEndpoint: Value: !GetAtt ElasticsearchDomain.DomainEndpoint SecurityGroupId: Value: !Ref mySecurityGroup SubnetId: Value: !Ref subnet

本页内容: