diff --git a/pipeline/outputs/elasticsearch.md b/pipeline/outputs/elasticsearch.md index 375867922..caf540f0f 100644 --- a/pipeline/outputs/elasticsearch.md +++ b/pipeline/outputs/elasticsearch.md @@ -21,6 +21,7 @@ The **es** output plugin, allows to ingest your records into an [Elasticsearch]( | AWS\_STS\_Endpoint | Specify the custom sts endpoint to be used with STS API for Amazon OpenSearch Service | | | AWS\_Role\_ARN | AWS IAM Role to assume to put records to your Amazon cluster | | | AWS\_External\_ID | External ID for the AWS IAM Role specified with `aws_role_arn` | | +| AWS\_Service\_Name | Service name to be used in AWS Sigv4 signature. For integration with Amazon OpenSearch Serverless, set to `aoss`. See the [FAQ](opensearch.md#faq) section on Amazon OpenSearch Serverless for more information. | es | | Cloud\_ID | If you are using Elastic's Elasticsearch Service you can specify the cloud\_id of the cluster running. The Cloud ID string has the format `:`. Once decoded, the `base64_info` string has the format `$$`. | | | Cloud\_Auth | Specify the credentials to use to connect to Elastic's Elasticsearch Service running on Elastic Cloud | | diff --git a/pipeline/outputs/opensearch.md b/pipeline/outputs/opensearch.md index cdd160425..713af66db 100644 --- a/pipeline/outputs/opensearch.md +++ b/pipeline/outputs/opensearch.md @@ -21,10 +21,11 @@ The following instructions assumes that you have a fully operational OpenSearch | AWS\_STS\_Endpoint | Specify the custom sts endpoint to be used with STS API for Amazon OpenSearch Service | | | AWS\_Role\_ARN | AWS IAM Role to assume to put records to your Amazon cluster | | | AWS\_External\_ID | External ID for the AWS IAM Role specified with `aws_role_arn` | | +| AWS\_Service\_Name | Service name to be used in AWS Sigv4 signature. For integration with Amazon OpenSearch Serverless, set to `aoss`. See the [FAQ](opensearch.md#faq) section on Amazon OpenSearch Serverless for more information. | es | | HTTP\_User | Optional username credential for access | | | HTTP\_Passwd | Password for user defined in HTTP\_User | | | Index | Index name, supports [Record Accessor syntax](../../administration/configuring-fluent-bit/classic-mode/record-accessor.md) from 2.0.5 onwards. | fluent-bit | -| Type | Type name | \_doc | +| Type | Type name. This option is ignored if `Suppress_Type_Name` is enabled. | \_doc | | Logstash\_Format | Enable Logstash format compatibility. This option takes a boolean value: True/False, On/Off | Off | | Logstash\_Prefix | When Logstash\_Format is enabled, the Index name is composed using a prefix and the date, e.g: If Logstash\_Prefix is equals to 'mydata' your index will become 'mydata-YYYY.MM.DD'. The last string appended belongs to the date when the data is being generated. | logstash | | Logstash\_DateFormat | Time format \(based on [strftime](http://man7.org/linux/man-pages/man3/strftime.3.html)\) to generate the second part of the Index name. | %Y.%m.%d | @@ -157,3 +158,21 @@ Without this you will see errors like: ```text {"error":{"root_cause":[{"type":"illegal_argument_exception","reason":"Action/metadata line [1] contains an unknown parameter [_type]"}],"type":"illegal_argument_exception","reason":"Action/metadata line [1] contains an unknown parameter [_type]"},"status":400} ``` + +### Fluent-Bit + Amazon OpenSearch Serverless +Amazon OpenSearch Serverless is an offering that eliminates your need to manage OpenSearch clusters. All existing Fluent Bit OpenSearch output plugin options work with OpenSearch Serverless. For Fluent Bit, the only difference is that you must specify the service name as `aoss` (Amazon OpenSearch Serverless) when you enable `AWS_Auth`: +``` +AWS_Auth On +AWS_Region +AWS_Service_Name aoss +``` + +**Data Access Permissions** + +When sending logs to OpenSearch Serverless, your AWS IAM entity needs [OpenSearch Serverless Data Access permisions](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-data-access.html). Give your IAM entity the following data access permissions to your serverless collection: +``` +aoss:CreateIndex +aoss:UpdateIndex +aoss:WriteDocument +``` +With data access permissions, IAM policies are not needed to access the collection.