2023/06/21 - AmazonMQ - 1 new7 updated api methods
Changes The Cross Region Disaster Recovery feature allows to replicate a brokers state from one region to another in order to provide customers with multi-region resiliency in the event of a regional outage.
Promotes a data replication replica broker to the primary broker role.
See also: AWS API Documentation
Request Syntax
client.promote(
BrokerId='string',
Mode='SWITCHOVER'|'FAILOVER'
)
string
[REQUIRED]
The unique ID that Amazon MQ generates for the broker.
string
[REQUIRED]
The Promote mode requested. Note: Valid values for the parameter are SWITCHOVER, FAILOVER.
dict
Response Syntax
{
'BrokerId': 'string'
}
Response Structure
(dict) --
HTTP Status Code 200: OK.
BrokerId (string) --
The unique ID that Amazon MQ generates for the broker.
{'DataReplicationMode': 'NONE | CRDR',
'DataReplicationPrimaryBrokerArn': 'string',
'Users': {'ReplicationUser': 'boolean'}}
Creates a broker. Note: This API is asynchronous.
To create a broker, you must either use the AmazonMQFullAccess IAM policy or include the following EC2 permissions in your IAM policy.
ec2:CreateNetworkInterface This permission is required to allow Amazon MQ to create an elastic network interface (ENI) on behalf of your account.
ec2:CreateNetworkInterfacePermission This permission is required to attach the ENI to the broker instance.
ec2:DeleteNetworkInterface
ec2:DeleteNetworkInterfacePermission
ec2:DetachNetworkInterface
ec2:DescribeInternetGateways
ec2:DescribeNetworkInterfaces
ec2:DescribeNetworkInterfacePermissions
ec2:DescribeRouteTables
ec2:DescribeSecurityGroups
ec2:DescribeSubnets
ec2:DescribeVpcs
For more information, see Create an IAM User and Get Your Amazon Web Services Credentials and Never Modify or Delete the Amazon MQ Elastic Network Interface in the Amazon MQ Developer Guide.
See also: AWS API Documentation
Request Syntax
client.create_broker(
AuthenticationStrategy='SIMPLE'|'LDAP',
AutoMinorVersionUpgrade=True|False,
BrokerName='string',
Configuration={
'Id': 'string',
'Revision': 123
},
CreatorRequestId='string',
DeploymentMode='SINGLE_INSTANCE'|'ACTIVE_STANDBY_MULTI_AZ'|'CLUSTER_MULTI_AZ',
EncryptionOptions={
'KmsKeyId': 'string',
'UseAwsOwnedKey': True|False
},
EngineType='ACTIVEMQ'|'RABBITMQ',
EngineVersion='string',
HostInstanceType='string',
LdapServerMetadata={
'Hosts': [
'string',
],
'RoleBase': 'string',
'RoleName': 'string',
'RoleSearchMatching': 'string',
'RoleSearchSubtree': True|False,
'ServiceAccountPassword': 'string',
'ServiceAccountUsername': 'string',
'UserBase': 'string',
'UserRoleName': 'string',
'UserSearchMatching': 'string',
'UserSearchSubtree': True|False
},
Logs={
'Audit': True|False,
'General': True|False
},
MaintenanceWindowStartTime={
'DayOfWeek': 'MONDAY'|'TUESDAY'|'WEDNESDAY'|'THURSDAY'|'FRIDAY'|'SATURDAY'|'SUNDAY',
'TimeOfDay': 'string',
'TimeZone': 'string'
},
PubliclyAccessible=True|False,
SecurityGroups=[
'string',
],
StorageType='EBS'|'EFS',
SubnetIds=[
'string',
],
Tags={
'string': 'string'
},
Users=[
{
'ConsoleAccess': True|False,
'Groups': [
'string',
],
'Password': 'string',
'Username': 'string',
'ReplicationUser': True|False
},
],
DataReplicationMode='NONE'|'CRDR',
DataReplicationPrimaryBrokerArn='string'
)
string
Optional. The authentication strategy used to secure the broker. The default is SIMPLE.
boolean
[REQUIRED]
Enables automatic upgrades to new minor versions for brokers, as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window of the broker or after a manual broker reboot. Set to true by default, if no value is specified.
string
[REQUIRED]
Required. The broker's name. This value must be unique in your Amazon Web Services account, 1-50 characters long, must contain only letters, numbers, dashes, and underscores, and must not contain white spaces, brackets, wildcard characters, or special characters.
dict
A list of information about the configuration.
Id (string) -- [REQUIRED]
Required. The unique ID that Amazon MQ generates for the configuration.
Revision (integer) --
The revision number of the configuration.
string
The unique ID that the requester receives for the created broker. Amazon MQ passes your ID with the API action.
This field is autopopulated if not provided.
string
[REQUIRED]
Required. The broker's deployment mode.
dict
Encryption options for the broker.
KmsKeyId (string) --
The customer master key (CMK) to use for the A KMS (KMS). This key is used to encrypt your data at rest. If not provided, Amazon MQ will use a default CMK to encrypt your data.
UseAwsOwnedKey (boolean) -- [REQUIRED]
Enables the use of an Amazon Web Services owned CMK using KMS (KMS). Set to true by default, if no value is provided, for example, for RabbitMQ brokers.
string
[REQUIRED]
Required. The type of broker engine. Currently, Amazon MQ supports ACTIVEMQ and RABBITMQ.
string
[REQUIRED]
Required. The broker engine's version. For a list of supported engine versions, see Supported engines.
string
[REQUIRED]
Required. The broker's instance type.
dict
Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. Does not apply to RabbitMQ brokers.
Hosts (list) -- [REQUIRED]
Specifies the location of the LDAP server such as Directory Service for Microsoft Active Directory. Optional failover server.
(string) --
RoleBase (string) -- [REQUIRED]
The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp, dc=example, dc=com.
RoleName (string) --
Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.
RoleSearchMatching (string) -- [REQUIRED]
The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase.
RoleSearchSubtree (boolean) --
The directory search scope for the role. If set to true, scope is to search the entire subtree.
ServiceAccountPassword (string) -- [REQUIRED]
Service account password. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
ServiceAccountUsername (string) -- [REQUIRED]
Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
UserBase (string) -- [REQUIRED]
Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp, dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com.
UserRoleName (string) --
Specifies the name of the LDAP attribute for the user group membership.
UserSearchMatching (string) -- [REQUIRED]
The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example, dc=com.
UserSearchSubtree (boolean) --
The directory search scope for the user. If set to true, scope is to search the entire subtree.
dict
Enables Amazon CloudWatch logging for brokers.
Audit (boolean) --
Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers.
General (boolean) --
Enables general logging.
dict
The parameters that determine the WeeklyStartTime.
DayOfWeek (string) -- [REQUIRED]
Required. The day of the week.
TimeOfDay (string) -- [REQUIRED]
Required. The time, in 24-hour format.
TimeZone (string) --
The time zone, UTC by default, in either the Country/City format, or the UTC offset format.
boolean
[REQUIRED]
Enables connections from applications outside of the VPC that hosts the broker's subnets. Set to false by default, if no value is provided.
list
The list of rules (1 minimum, 125 maximum) that authorize connections to brokers.
(string) --
string
The broker's storage type.
list
The list of groups that define which subnets and IP ranges the broker can use from different Availability Zones. If you specify more than one subnet, the subnets must be in different Availability Zones. Amazon MQ will not be able to create VPC endpoints for your broker with multiple subnets in the same Availability Zone. A SINGLE_INSTANCE deployment requires one subnet (for example, the default subnet). An ACTIVE_STANDBY_MULTI_AZ Amazon MQ for ActiveMQ deployment requires two subnets. A CLUSTER_MULTI_AZ Amazon MQ for RabbitMQ deployment has no subnet requirements when deployed with public accessibility. Deployment without public accessibility requires at least one subnet.
(string) --
dict
Create tags when creating the broker.
(string) --
(string) --
list
[REQUIRED]
The list of broker users (persons or applications) who can access queues and topics. For Amazon MQ for RabbitMQ brokers, one and only one administrative user is accepted and created when a broker is first provisioned. All subsequent broker users are created by making RabbitMQ API calls directly to brokers or via the RabbitMQ web console.
(dict) --
A user associated with the broker. For Amazon MQ for RabbitMQ brokers, one and only one administrative user is accepted and created when a broker is first provisioned. All subsequent broker users are created by making RabbitMQ API calls directly to brokers or via the RabbitMQ web console.
ConsoleAccess (boolean) --
Enables access to the ActiveMQ Web Console for the ActiveMQ user. Does not apply to RabbitMQ brokers.
Groups (list) --
The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long. Does not apply to RabbitMQ brokers.
(string) --
Password (string) -- [REQUIRED]
Required. The password of the user. This value must be at least 12 characters long, must contain at least 4 unique characters, and must not contain commas, colons, or equal signs (,:=).
Username (string) -- [REQUIRED]
The username of the broker user. The following restrictions apply to broker usernames:
For Amazon MQ for ActiveMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
para>For Amazon MQ for RabbitMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores (- . _). This value must not contain a tilde (~) character. Amazon MQ prohibts using guest as a valid usename. This value must be 2-100 characters long.
ReplicationUser (boolean) --
Defines if this user is intended for CRDR replication purposes.
string
Defines whether this broker is a part of a data replication pair.
string
The Amazon Resource Name (ARN) of the primary broker that is used to replicate data from in a data replication pair, and is applied to the replica broker. Must be set when dataReplicationMode is set to CRDR.
dict
Response Syntax
{
'BrokerArn': 'string',
'BrokerId': 'string'
}
Response Structure
(dict) --
HTTP Status Code 200: OK.
BrokerArn (string) --
The broker's Amazon Resource Name (ARN).
BrokerId (string) --
The unique ID that Amazon MQ generates for the broker.
{'ReplicationUser': 'boolean'}
Creates an ActiveMQ user.
See also: AWS API Documentation
Request Syntax
client.create_user(
BrokerId='string',
ConsoleAccess=True|False,
Groups=[
'string',
],
Password='string',
Username='string',
ReplicationUser=True|False
)
string
[REQUIRED]
The unique ID that Amazon MQ generates for the broker.
boolean
Enables access to the ActiveMQ Web Console for the ActiveMQ user.
list
The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
(string) --
string
[REQUIRED]
Required. The password of the user. This value must be at least 12 characters long, must contain at least 4 unique characters, and must not contain commas, colons, or equal signs (,:=).
string
[REQUIRED]
The username of the ActiveMQ user. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
boolean
Defines if this user is intended for CRDR replication purposes.
dict
Response Syntax
{}
Response Structure
(dict) --
HTTP Status Code 200: OK.
{'BrokerState': {'REPLICA'},
'DataReplicationMetadata': {'DataReplicationCounterpart': {'BrokerId': 'string',
'Region': 'string'},
'DataReplicationRole': 'string'},
'DataReplicationMode': 'NONE | CRDR',
'PendingDataReplicationMetadata': {'DataReplicationCounterpart': {'BrokerId': 'string',
'Region': 'string'},
'DataReplicationRole': 'string'},
'PendingDataReplicationMode': 'NONE | CRDR'}
Returns information about the specified broker.
See also: AWS API Documentation
Request Syntax
client.describe_broker(
BrokerId='string'
)
string
[REQUIRED]
The unique ID that Amazon MQ generates for the broker.
dict
Response Syntax
{
'ActionsRequired': [
{
'ActionRequiredCode': 'string',
'ActionRequiredInfo': 'string'
},
],
'AuthenticationStrategy': 'SIMPLE'|'LDAP',
'AutoMinorVersionUpgrade': True|False,
'BrokerArn': 'string',
'BrokerId': 'string',
'BrokerInstances': [
{
'ConsoleURL': 'string',
'Endpoints': [
'string',
],
'IpAddress': 'string'
},
],
'BrokerName': 'string',
'BrokerState': 'CREATION_IN_PROGRESS'|'CREATION_FAILED'|'DELETION_IN_PROGRESS'|'RUNNING'|'REBOOT_IN_PROGRESS'|'CRITICAL_ACTION_REQUIRED'|'REPLICA',
'Configurations': {
'Current': {
'Id': 'string',
'Revision': 123
},
'History': [
{
'Id': 'string',
'Revision': 123
},
],
'Pending': {
'Id': 'string',
'Revision': 123
}
},
'Created': datetime(2015, 1, 1),
'DeploymentMode': 'SINGLE_INSTANCE'|'ACTIVE_STANDBY_MULTI_AZ'|'CLUSTER_MULTI_AZ',
'EncryptionOptions': {
'KmsKeyId': 'string',
'UseAwsOwnedKey': True|False
},
'EngineType': 'ACTIVEMQ'|'RABBITMQ',
'EngineVersion': 'string',
'HostInstanceType': 'string',
'LdapServerMetadata': {
'Hosts': [
'string',
],
'RoleBase': 'string',
'RoleName': 'string',
'RoleSearchMatching': 'string',
'RoleSearchSubtree': True|False,
'ServiceAccountUsername': 'string',
'UserBase': 'string',
'UserRoleName': 'string',
'UserSearchMatching': 'string',
'UserSearchSubtree': True|False
},
'Logs': {
'Audit': True|False,
'AuditLogGroup': 'string',
'General': True|False,
'GeneralLogGroup': 'string',
'Pending': {
'Audit': True|False,
'General': True|False
}
},
'MaintenanceWindowStartTime': {
'DayOfWeek': 'MONDAY'|'TUESDAY'|'WEDNESDAY'|'THURSDAY'|'FRIDAY'|'SATURDAY'|'SUNDAY',
'TimeOfDay': 'string',
'TimeZone': 'string'
},
'PendingAuthenticationStrategy': 'SIMPLE'|'LDAP',
'PendingEngineVersion': 'string',
'PendingHostInstanceType': 'string',
'PendingLdapServerMetadata': {
'Hosts': [
'string',
],
'RoleBase': 'string',
'RoleName': 'string',
'RoleSearchMatching': 'string',
'RoleSearchSubtree': True|False,
'ServiceAccountUsername': 'string',
'UserBase': 'string',
'UserRoleName': 'string',
'UserSearchMatching': 'string',
'UserSearchSubtree': True|False
},
'PendingSecurityGroups': [
'string',
],
'PubliclyAccessible': True|False,
'SecurityGroups': [
'string',
],
'StorageType': 'EBS'|'EFS',
'SubnetIds': [
'string',
],
'Tags': {
'string': 'string'
},
'Users': [
{
'PendingChange': 'CREATE'|'UPDATE'|'DELETE',
'Username': 'string'
},
],
'DataReplicationMetadata': {
'DataReplicationCounterpart': {
'BrokerId': 'string',
'Region': 'string'
},
'DataReplicationRole': 'string'
},
'DataReplicationMode': 'NONE'|'CRDR',
'PendingDataReplicationMetadata': {
'DataReplicationCounterpart': {
'BrokerId': 'string',
'Region': 'string'
},
'DataReplicationRole': 'string'
},
'PendingDataReplicationMode': 'NONE'|'CRDR'
}
Response Structure
(dict) --
HTTP Status Code 200: OK.
ActionsRequired (list) --
Actions required for a broker.
(dict) --
Action required for a broker.
ActionRequiredCode (string) --
The code you can use to find instructions on the action required to resolve your broker issue.
ActionRequiredInfo (string) --
Information about the action required to resolve your broker issue.
AuthenticationStrategy (string) --
The authentication strategy used to secure the broker. The default is SIMPLE.
AutoMinorVersionUpgrade (boolean) --
Enables automatic upgrades to new minor versions for brokers, as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window of the broker or after a manual broker reboot.
BrokerArn (string) --
The broker's Amazon Resource Name (ARN).
BrokerId (string) --
The unique ID that Amazon MQ generates for the broker.
BrokerInstances (list) --
A list of information about allocated brokers.
(dict) --
Returns information about all brokers.
ConsoleURL (string) --
The brokers web console URL.
Endpoints (list) --
The broker's wire-level protocol endpoints.
(string) --
IpAddress (string) --
The IP address of the Elastic Network Interface (ENI) attached to the broker. Does not apply to RabbitMQ brokers.
BrokerName (string) --
The broker's name. This value must be unique in your Amazon Web Services account account, 1-50 characters long, must contain only letters, numbers, dashes, and underscores, and must not contain white spaces, brackets, wildcard characters, or special characters.
BrokerState (string) --
The broker's status.
Configurations (dict) --
The list of all revisions for the specified configuration.
Current (dict) --
The broker's current configuration.
Id (string) --
Required. The unique ID that Amazon MQ generates for the configuration.
Revision (integer) --
The revision number of the configuration.
History (list) --
The history of configurations applied to the broker.
(dict) --
A list of information about the configuration.
Id (string) --
Required. The unique ID that Amazon MQ generates for the configuration.
Revision (integer) --
The revision number of the configuration.
Pending (dict) --
The broker's pending configuration.
Id (string) --
Required. The unique ID that Amazon MQ generates for the configuration.
Revision (integer) --
The revision number of the configuration.
Created (datetime) --
The time when the broker was created.
DeploymentMode (string) --
The broker's deployment mode.
EncryptionOptions (dict) --
Encryption options for the broker.
KmsKeyId (string) --
The customer master key (CMK) to use for the A KMS (KMS). This key is used to encrypt your data at rest. If not provided, Amazon MQ will use a default CMK to encrypt your data.
UseAwsOwnedKey (boolean) --
Enables the use of an Amazon Web Services owned CMK using KMS (KMS). Set to true by default, if no value is provided, for example, for RabbitMQ brokers.
EngineType (string) --
The type of broker engine. Currently, Amazon MQ supports ACTIVEMQ and RABBITMQ.
EngineVersion (string) --
The broker engine's version. For a list of supported engine versions, see Supported engines.
HostInstanceType (string) --
The broker's instance type.
LdapServerMetadata (dict) --
The metadata of the LDAP server used to authenticate and authorize connections to the broker.
Hosts (list) --
Specifies the location of the LDAP server such as Directory Service for Microsoft Active Directory. Optional failover server.
(string) --
RoleBase (string) --
The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp, dc=example, dc=com.
RoleName (string) --
Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.
RoleSearchMatching (string) --
The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase.
RoleSearchSubtree (boolean) --
The directory search scope for the role. If set to true, scope is to search the entire subtree.
ServiceAccountUsername (string) --
Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
UserBase (string) --
Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp, dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com.
UserRoleName (string) --
Specifies the name of the LDAP attribute for the user group membership.
UserSearchMatching (string) --
The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example, dc=com.
UserSearchSubtree (boolean) --
The directory search scope for the user. If set to true, scope is to search the entire subtree.
Logs (dict) --
The list of information about logs currently enabled and pending to be deployed for the specified broker.
Audit (boolean) --
Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged.
AuditLogGroup (string) --
The location of the CloudWatch Logs log group where audit logs are sent.
General (boolean) --
Enables general logging.
GeneralLogGroup (string) --
The location of the CloudWatch Logs log group where general logs are sent.
Pending (dict) --
The list of information about logs pending to be deployed for the specified broker.
Audit (boolean) --
Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged.
General (boolean) --
Enables general logging.
MaintenanceWindowStartTime (dict) --
The parameters that determine the WeeklyStartTime.
DayOfWeek (string) --
Required. The day of the week.
TimeOfDay (string) --
Required. The time, in 24-hour format.
TimeZone (string) --
The time zone, UTC by default, in either the Country/City format, or the UTC offset format.
PendingAuthenticationStrategy (string) --
The authentication strategy that will be applied when the broker is rebooted. The default is SIMPLE.
PendingEngineVersion (string) --
The broker engine version to upgrade to. For a list of supported engine versions, see Supported engines.
PendingHostInstanceType (string) --
The broker's host instance type to upgrade to. For a list of supported instance types, see Broker instance types.
PendingLdapServerMetadata (dict) --
The metadata of the LDAP server that will be used to authenticate and authorize connections to the broker after it is rebooted.
Hosts (list) --
Specifies the location of the LDAP server such as Directory Service for Microsoft Active Directory. Optional failover server.
(string) --
RoleBase (string) --
The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp, dc=example, dc=com.
RoleName (string) --
Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.
RoleSearchMatching (string) --
The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase.
RoleSearchSubtree (boolean) --
The directory search scope for the role. If set to true, scope is to search the entire subtree.
ServiceAccountUsername (string) --
Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
UserBase (string) --
Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp, dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com.
UserRoleName (string) --
Specifies the name of the LDAP attribute for the user group membership.
UserSearchMatching (string) --
The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example, dc=com.
UserSearchSubtree (boolean) --
The directory search scope for the user. If set to true, scope is to search the entire subtree.
PendingSecurityGroups (list) --
The list of pending security groups to authorize connections to brokers.
(string) --
PubliclyAccessible (boolean) --
Enables connections from applications outside of the VPC that hosts the broker's subnets.
SecurityGroups (list) --
The list of rules (1 minimum, 125 maximum) that authorize connections to brokers.
(string) --
StorageType (string) --
The broker's storage type.
SubnetIds (list) --
The list of groups that define which subnets and IP ranges the broker can use from different Availability Zones.
(string) --
Tags (dict) --
The list of all tags associated with this broker.
(string) --
(string) --
Users (list) --
The list of all broker usernames for the specified broker.
(dict) --
Returns a list of all broker users. Does not apply to RabbitMQ brokers.
PendingChange (string) --
The type of change pending for the broker user.
Username (string) --
Required. The username of the broker user. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
DataReplicationMetadata (dict) --
The replication details of the data replication-enabled broker. Only returned if dataReplicationMode is set to CRDR.
DataReplicationCounterpart (dict) --
Describes the replica/primary broker. Only returned if this broker is currently set as a primary or replica in the broker's dataReplicationRole property.
BrokerId (string) --
Required. The unique broker id generated by Amazon MQ.
Region (string) --
Required. The region of the broker.
DataReplicationRole (string) --
Defines the role of this broker in a data replication pair. When a replica broker is promoted to primary, this role is interchanged.
DataReplicationMode (string) --
Describes whether this broker is a part of a data replication pair.
PendingDataReplicationMetadata (dict) --
The pending replication details of the data replication-enabled broker. Only returned if pendingDataReplicationMode is set to CRDR.
DataReplicationCounterpart (dict) --
Describes the replica/primary broker. Only returned if this broker is currently set as a primary or replica in the broker's dataReplicationRole property.
BrokerId (string) --
Required. The unique broker id generated by Amazon MQ.
Region (string) --
Required. The region of the broker.
DataReplicationRole (string) --
Defines the role of this broker in a data replication pair. When a replica broker is promoted to primary, this role is interchanged.
PendingDataReplicationMode (string) --
Describes whether this broker will be a part of a data replication pair after reboot.
{'ReplicationUser': 'boolean'}
Returns information about an ActiveMQ user.
See also: AWS API Documentation
Request Syntax
client.describe_user(
BrokerId='string',
Username='string'
)
string
[REQUIRED]
The unique ID that Amazon MQ generates for the broker.
string
[REQUIRED]
The username of the ActiveMQ user. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
dict
Response Syntax
{
'BrokerId': 'string',
'ConsoleAccess': True|False,
'Groups': [
'string',
],
'Pending': {
'ConsoleAccess': True|False,
'Groups': [
'string',
],
'PendingChange': 'CREATE'|'UPDATE'|'DELETE'
},
'Username': 'string',
'ReplicationUser': True|False
}
Response Structure
(dict) --
HTTP Status Code 200: OK.
BrokerId (string) --
Required. The unique ID that Amazon MQ generates for the broker.
ConsoleAccess (boolean) --
Enables access to the the ActiveMQ Web Console for the ActiveMQ user.
Groups (list) --
The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
(string) --
Pending (dict) --
The status of the changes pending for the ActiveMQ user.
ConsoleAccess (boolean) --
Enables access to the the ActiveMQ Web Console for the ActiveMQ user.
Groups (list) --
The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
(string) --
PendingChange (string) --
Required. The type of change pending for the ActiveMQ user.
Username (string) --
Required. The username of the ActiveMQ user. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
ReplicationUser (boolean) --
Describes whether the user is intended for data replication
{'BrokerSummaries': {'BrokerState': {'REPLICA'}}}
Returns a list of all brokers.
See also: AWS API Documentation
Request Syntax
client.list_brokers(
MaxResults=123,
NextToken='string'
)
integer
The maximum number of brokers that Amazon MQ can return per page (20 by default). This value must be an integer from 5 to 100.
string
The token that specifies the next page of results Amazon MQ should return. To request the first page, leave nextToken empty.
dict
Response Syntax
{
'BrokerSummaries': [
{
'BrokerArn': 'string',
'BrokerId': 'string',
'BrokerName': 'string',
'BrokerState': 'CREATION_IN_PROGRESS'|'CREATION_FAILED'|'DELETION_IN_PROGRESS'|'RUNNING'|'REBOOT_IN_PROGRESS'|'CRITICAL_ACTION_REQUIRED'|'REPLICA',
'Created': datetime(2015, 1, 1),
'DeploymentMode': 'SINGLE_INSTANCE'|'ACTIVE_STANDBY_MULTI_AZ'|'CLUSTER_MULTI_AZ',
'EngineType': 'ACTIVEMQ'|'RABBITMQ',
'HostInstanceType': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
HTTP Status Code 200: OK.
BrokerSummaries (list) --
A list of information about all brokers.
(dict) --
Returns information about all brokers.
BrokerArn (string) --
The broker's Amazon Resource Name (ARN).
BrokerId (string) --
The unique ID that Amazon MQ generates for the broker.
BrokerName (string) --
The broker's name. This value is unique in your Amazon Web Services account, 1-50 characters long, and containing only letters, numbers, dashes, and underscores, and must not contain white spaces, brackets, wildcard characters, or special characters.
BrokerState (string) --
The broker's status.
Created (datetime) --
The time when the broker was created.
DeploymentMode (string) --
The broker's deployment mode.
EngineType (string) --
The type of broker engine.
HostInstanceType (string) --
The broker's instance type.
NextToken (string) --
The token that specifies the next page of results Amazon MQ should return. To request the first page, leave nextToken empty.
{'DataReplicationMode': 'NONE | CRDR'}
Response {'DataReplicationMetadata': {'DataReplicationCounterpart': {'BrokerId': 'string',
'Region': 'string'},
'DataReplicationRole': 'string'},
'DataReplicationMode': 'NONE | CRDR',
'PendingDataReplicationMetadata': {'DataReplicationCounterpart': {'BrokerId': 'string',
'Region': 'string'},
'DataReplicationRole': 'string'},
'PendingDataReplicationMode': 'NONE | CRDR'}
Adds a pending configuration change to a broker.
See also: AWS API Documentation
Request Syntax
client.update_broker(
AuthenticationStrategy='SIMPLE'|'LDAP',
AutoMinorVersionUpgrade=True|False,
BrokerId='string',
Configuration={
'Id': 'string',
'Revision': 123
},
EngineVersion='string',
HostInstanceType='string',
LdapServerMetadata={
'Hosts': [
'string',
],
'RoleBase': 'string',
'RoleName': 'string',
'RoleSearchMatching': 'string',
'RoleSearchSubtree': True|False,
'ServiceAccountPassword': 'string',
'ServiceAccountUsername': 'string',
'UserBase': 'string',
'UserRoleName': 'string',
'UserSearchMatching': 'string',
'UserSearchSubtree': True|False
},
Logs={
'Audit': True|False,
'General': True|False
},
MaintenanceWindowStartTime={
'DayOfWeek': 'MONDAY'|'TUESDAY'|'WEDNESDAY'|'THURSDAY'|'FRIDAY'|'SATURDAY'|'SUNDAY',
'TimeOfDay': 'string',
'TimeZone': 'string'
},
SecurityGroups=[
'string',
],
DataReplicationMode='NONE'|'CRDR'
)
string
Optional. The authentication strategy used to secure the broker. The default is SIMPLE.
boolean
Enables automatic upgrades to new minor versions for brokers, as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window of the broker or after a manual broker reboot.
string
[REQUIRED]
The unique ID that Amazon MQ generates for the broker.
dict
A list of information about the configuration.
Id (string) -- [REQUIRED]
Required. The unique ID that Amazon MQ generates for the configuration.
Revision (integer) --
The revision number of the configuration.
string
The broker engine version. For a list of supported engine versions, see Supported engines.
string
The broker's host instance type to upgrade to. For a list of supported instance types, see Broker instance types.
dict
Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. Does not apply to RabbitMQ brokers.
Hosts (list) -- [REQUIRED]
Specifies the location of the LDAP server such as Directory Service for Microsoft Active Directory. Optional failover server.
(string) --
RoleBase (string) -- [REQUIRED]
The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp, dc=example, dc=com.
RoleName (string) --
Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.
RoleSearchMatching (string) -- [REQUIRED]
The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase.
RoleSearchSubtree (boolean) --
The directory search scope for the role. If set to true, scope is to search the entire subtree.
ServiceAccountPassword (string) -- [REQUIRED]
Service account password. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
ServiceAccountUsername (string) -- [REQUIRED]
Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
UserBase (string) -- [REQUIRED]
Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp, dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com.
UserRoleName (string) --
Specifies the name of the LDAP attribute for the user group membership.
UserSearchMatching (string) -- [REQUIRED]
The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example, dc=com.
UserSearchSubtree (boolean) --
The directory search scope for the user. If set to true, scope is to search the entire subtree.
dict
Enables Amazon CloudWatch logging for brokers.
Audit (boolean) --
Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers.
General (boolean) --
Enables general logging.
dict
The parameters that determine the WeeklyStartTime.
DayOfWeek (string) -- [REQUIRED]
Required. The day of the week.
TimeOfDay (string) -- [REQUIRED]
Required. The time, in 24-hour format.
TimeZone (string) --
The time zone, UTC by default, in either the Country/City format, or the UTC offset format.
list
The list of security groups (1 minimum, 5 maximum) that authorizes connections to brokers.
(string) --
string
Defines whether this broker is a part of a data replication pair.
dict
Response Syntax
{
'AuthenticationStrategy': 'SIMPLE'|'LDAP',
'AutoMinorVersionUpgrade': True|False,
'BrokerId': 'string',
'Configuration': {
'Id': 'string',
'Revision': 123
},
'EngineVersion': 'string',
'HostInstanceType': 'string',
'LdapServerMetadata': {
'Hosts': [
'string',
],
'RoleBase': 'string',
'RoleName': 'string',
'RoleSearchMatching': 'string',
'RoleSearchSubtree': True|False,
'ServiceAccountUsername': 'string',
'UserBase': 'string',
'UserRoleName': 'string',
'UserSearchMatching': 'string',
'UserSearchSubtree': True|False
},
'Logs': {
'Audit': True|False,
'General': True|False
},
'MaintenanceWindowStartTime': {
'DayOfWeek': 'MONDAY'|'TUESDAY'|'WEDNESDAY'|'THURSDAY'|'FRIDAY'|'SATURDAY'|'SUNDAY',
'TimeOfDay': 'string',
'TimeZone': 'string'
},
'SecurityGroups': [
'string',
],
'DataReplicationMetadata': {
'DataReplicationCounterpart': {
'BrokerId': 'string',
'Region': 'string'
},
'DataReplicationRole': 'string'
},
'DataReplicationMode': 'NONE'|'CRDR',
'PendingDataReplicationMetadata': {
'DataReplicationCounterpart': {
'BrokerId': 'string',
'Region': 'string'
},
'DataReplicationRole': 'string'
},
'PendingDataReplicationMode': 'NONE'|'CRDR'
}
Response Structure
(dict) --
HTTP Status Code 200: OK.
AuthenticationStrategy (string) --
Optional. The authentication strategy used to secure the broker. The default is SIMPLE.
AutoMinorVersionUpgrade (boolean) --
The new boolean value that specifies whether broker engines automatically upgrade to new minor versions as new versions are released and supported by Amazon MQ.
BrokerId (string) --
Required. The unique ID that Amazon MQ generates for the broker.
Configuration (dict) --
The ID of the updated configuration.
Id (string) --
Required. The unique ID that Amazon MQ generates for the configuration.
Revision (integer) --
The revision number of the configuration.
EngineVersion (string) --
The broker engine version to upgrade to. For a list of supported engine versions, see Supported engines.
HostInstanceType (string) --
The broker's host instance type to upgrade to. For a list of supported instance types, see Broker instance types.
LdapServerMetadata (dict) --
Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. Does not apply to RabbitMQ brokers.
Hosts (list) --
Specifies the location of the LDAP server such as Directory Service for Microsoft Active Directory. Optional failover server.
(string) --
RoleBase (string) --
The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp, dc=example, dc=com.
RoleName (string) --
Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.
RoleSearchMatching (string) --
The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase.
RoleSearchSubtree (boolean) --
The directory search scope for the role. If set to true, scope is to search the entire subtree.
ServiceAccountUsername (string) --
Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.
UserBase (string) --
Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp, dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com.
UserRoleName (string) --
Specifies the name of the LDAP attribute for the user group membership.
UserSearchMatching (string) --
The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example, dc=com.
UserSearchSubtree (boolean) --
The directory search scope for the user. If set to true, scope is to search the entire subtree.
Logs (dict) --
The list of information about logs to be enabled for the specified broker.
Audit (boolean) --
Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers.
General (boolean) --
Enables general logging.
MaintenanceWindowStartTime (dict) --
The parameters that determine the WeeklyStartTime.
DayOfWeek (string) --
Required. The day of the week.
TimeOfDay (string) --
Required. The time, in 24-hour format.
TimeZone (string) --
The time zone, UTC by default, in either the Country/City format, or the UTC offset format.
SecurityGroups (list) --
The list of security groups (1 minimum, 5 maximum) that authorizes connections to brokers.
(string) --
DataReplicationMetadata (dict) --
The replication details of the data replication-enabled broker. Only returned if dataReplicationMode is set to CRDR.
DataReplicationCounterpart (dict) --
Describes the replica/primary broker. Only returned if this broker is currently set as a primary or replica in the broker's dataReplicationRole property.
BrokerId (string) --
Required. The unique broker id generated by Amazon MQ.
Region (string) --
Required. The region of the broker.
DataReplicationRole (string) --
Defines the role of this broker in a data replication pair. When a replica broker is promoted to primary, this role is interchanged.
DataReplicationMode (string) --
Describes whether this broker is a part of a data replication pair.
PendingDataReplicationMetadata (dict) --
The pending replication details of the data replication-enabled broker. Only returned if pendingDataReplicationMode is set to CRDR.
DataReplicationCounterpart (dict) --
Describes the replica/primary broker. Only returned if this broker is currently set as a primary or replica in the broker's dataReplicationRole property.
BrokerId (string) --
Required. The unique broker id generated by Amazon MQ.
Region (string) --
Required. The region of the broker.
DataReplicationRole (string) --
Defines the role of this broker in a data replication pair. When a replica broker is promoted to primary, this role is interchanged.
PendingDataReplicationMode (string) --
Describes whether this broker will be a part of a data replication pair after reboot.
{'ReplicationUser': 'boolean'}
Updates the information for an ActiveMQ user.
See also: AWS API Documentation
Request Syntax
client.update_user(
BrokerId='string',
ConsoleAccess=True|False,
Groups=[
'string',
],
Password='string',
Username='string',
ReplicationUser=True|False
)
string
[REQUIRED]
The unique ID that Amazon MQ generates for the broker.
boolean
Enables access to the the ActiveMQ Web Console for the ActiveMQ user.
list
The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
(string) --
string
The password of the user. This value must be at least 12 characters long, must contain at least 4 unique characters, and must not contain commas, colons, or equal signs (,:=).
string
[REQUIRED]
The username of the ActiveMQ user. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long.
boolean
Defines whether the user is intended for data replication.
dict
Response Syntax
{}
Response Structure
(dict) --
HTTP Status Code 200: OK.