2025/12/10 - Amazon OpenSearch Service - 2 updated api methods
Changes The CreateApplication API now supports an optional kms key arn parameter to allow customers to specify a CMK for application encryption.
{'kmsKeyArn': 'string'}
Creates an OpenSearch UI application. For more information, see Using the OpenSearch user interface in Amazon OpenSearch Service.
See also: AWS API Documentation
Request Syntax
client.create_application(
clientToken='string',
name='string',
dataSources=[
{
'dataSourceArn': 'string',
'dataSourceDescription': 'string'
},
],
iamIdentityCenterOptions={
'enabled': True|False,
'iamIdentityCenterInstanceArn': 'string',
'iamRoleForIdentityCenterApplicationArn': 'string'
},
appConfigs=[
{
'key': 'opensearchDashboards.dashboardAdmin.users'|'opensearchDashboards.dashboardAdmin.groups',
'value': 'string'
},
],
tagList=[
{
'Key': 'string',
'Value': 'string'
},
],
kmsKeyArn='string'
)
string
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
[REQUIRED]
The unique name of the OpenSearch application. Names must be unique within an Amazon Web Services Region for each account.
list
The data sources to link to the OpenSearch application.
(dict) --
Data sources that are associated with an OpenSearch application.
dataSourceArn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
dataSourceDescription (string) --
Detailed description of a data source.
dict
Configuration settings for integrating Amazon Web Services IAM Identity Center with the OpenSearch application.
enabled (boolean) --
Specifies whether IAM Identity Center is enabled or disabled.
iamIdentityCenterInstanceArn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
iamRoleForIdentityCenterApplicationArn (string) --
The ARN of the IAM role associated with the IAM Identity Center application.
list
Configuration settings for the OpenSearch application, including administrative options.
(dict) --
Configuration settings for an OpenSearch application. For more information, see Using the OpenSearch user interface in Amazon OpenSearch Service.
key (string) --
The configuration item to set, such as the admin role for the OpenSearch application.
value (string) --
The value assigned to the configuration key, such as an IAM user ARN.
list
A list of tags attached to a domain.
(dict) --
A tag (key-value pair) for an Amazon OpenSearch Service resource.
Key (string) -- [REQUIRED]
The tag key. Tag keys must be unique for the domain to which they are attached.
Value (string) -- [REQUIRED]
The value assigned to the corresponding tag key. Tag values can be null and don't have to be unique in a tag set. For example, you can have a key value pair in a tag set of project : Trinity and cost-center : Trinity
string
The Amazon Resource Name (ARN) of the KMS key used to encrypt the application's data at rest. If provided, the application uses your customer-managed key for encryption. If omitted, the application uses an AWS-managed key. The KMS key must be in the same region as the application.
dict
Response Syntax
{
'id': 'string',
'name': 'string',
'arn': 'string',
'dataSources': [
{
'dataSourceArn': 'string',
'dataSourceDescription': 'string'
},
],
'iamIdentityCenterOptions': {
'enabled': True|False,
'iamIdentityCenterInstanceArn': 'string',
'iamRoleForIdentityCenterApplicationArn': 'string',
'iamIdentityCenterApplicationArn': 'string'
},
'appConfigs': [
{
'key': 'opensearchDashboards.dashboardAdmin.users'|'opensearchDashboards.dashboardAdmin.groups',
'value': 'string'
},
],
'tagList': [
{
'Key': 'string',
'Value': 'string'
},
],
'createdAt': datetime(2015, 1, 1),
'kmsKeyArn': 'string'
}
Response Structure
(dict) --
id (string) --
The unique identifier assigned to the OpenSearch application.
name (string) --
The name of the OpenSearch application.
arn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
dataSources (list) --
The data sources linked to the OpenSearch application.
(dict) --
Data sources that are associated with an OpenSearch application.
dataSourceArn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
dataSourceDescription (string) --
Detailed description of a data source.
iamIdentityCenterOptions (dict) --
The IAM Identity Center settings configured for the OpenSearch application.
enabled (boolean) --
Indicates whether IAM Identity Center is enabled for the OpenSearch application.
iamIdentityCenterInstanceArn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
iamRoleForIdentityCenterApplicationArn (string) --
The Amazon Resource Name (ARN) of the IAM role assigned to the IAM Identity Center application for the OpenSearch application.
iamIdentityCenterApplicationArn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
appConfigs (list) --
Configuration settings for the OpenSearch application, including administrative options.
(dict) --
Configuration settings for an OpenSearch application. For more information, see Using the OpenSearch user interface in Amazon OpenSearch Service.
key (string) --
The configuration item to set, such as the admin role for the OpenSearch application.
value (string) --
The value assigned to the configuration key, such as an IAM user ARN.
tagList (list) --
A list of tags attached to a domain.
(dict) --
A tag (key-value pair) for an Amazon OpenSearch Service resource.
Key (string) --
The tag key. Tag keys must be unique for the domain to which they are attached.
Value (string) --
The value assigned to the corresponding tag key. Tag values can be null and don't have to be unique in a tag set. For example, you can have a key value pair in a tag set of project : Trinity and cost-center : Trinity
createdAt (datetime) --
The timestamp indicating when the OpenSearch application was created.
kmsKeyArn (string) --
The Amazon Resource Name (ARN) of the KMS key used to encrypt the application's data at rest.
{'kmsKeyArn': 'string'}
Retrieves the configuration and status of an existing OpenSearch application.
See also: AWS API Documentation
Request Syntax
client.get_application(
id='string'
)
string
[REQUIRED]
The unique identifier of the OpenSearch application to retrieve.
dict
Response Syntax
{
'id': 'string',
'arn': 'string',
'name': 'string',
'endpoint': 'string',
'status': 'CREATING'|'UPDATING'|'DELETING'|'ACTIVE'|'FAILED',
'iamIdentityCenterOptions': {
'enabled': True|False,
'iamIdentityCenterInstanceArn': 'string',
'iamRoleForIdentityCenterApplicationArn': 'string',
'iamIdentityCenterApplicationArn': 'string'
},
'dataSources': [
{
'dataSourceArn': 'string',
'dataSourceDescription': 'string'
},
],
'appConfigs': [
{
'key': 'opensearchDashboards.dashboardAdmin.users'|'opensearchDashboards.dashboardAdmin.groups',
'value': 'string'
},
],
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'kmsKeyArn': 'string'
}
Response Structure
(dict) --
id (string) --
The unique identifier of the OpenSearch application.
arn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
name (string) --
The name of the OpenSearch application.
endpoint (string) --
The endpoint URL of the OpenSearch application.
status (string) --
The current status of the OpenSearch application. Possible values: CREATING, UPDATING, DELETING, FAILED, ACTIVE, and DELETED.
iamIdentityCenterOptions (dict) --
The IAM Identity Center settings configured for the OpenSearch application.
enabled (boolean) --
Indicates whether IAM Identity Center is enabled for the OpenSearch application.
iamIdentityCenterInstanceArn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
iamRoleForIdentityCenterApplicationArn (string) --
The Amazon Resource Name (ARN) of the IAM role assigned to the IAM Identity Center application for the OpenSearch application.
iamIdentityCenterApplicationArn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
dataSources (list) --
The data sources associated with the OpenSearch application.
(dict) --
Data sources that are associated with an OpenSearch application.
dataSourceArn (string) --
The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities in Using Amazon Web Services Identity and Access Management for more information.
dataSourceDescription (string) --
Detailed description of a data source.
appConfigs (list) --
The configuration settings of the OpenSearch application.
(dict) --
Configuration settings for an OpenSearch application. For more information, see Using the OpenSearch user interface in Amazon OpenSearch Service.
key (string) --
The configuration item to set, such as the admin role for the OpenSearch application.
value (string) --
The value assigned to the configuration key, such as an IAM user ARN.
createdAt (datetime) --
The timestamp when the OpenSearch application was created.
lastUpdatedAt (datetime) --
The timestamp of the last update to the OpenSearch application.
kmsKeyArn (string) --
The Amazon Resource Name (ARN) of the KMS key used to encrypt the application's data at rest.