Currently, this solution only supports delivery to Amazon OpenSearch clusters with a public-endpoint and fine-grained access control enabled. To deploy an OpenSearch cluster to receive metrics from the solution, follow these steps:
- Navigate to the Amazon OpenSearch Management Console in a supported region (e.g.,
us-east-1,us-west-2,eu-west-1) - Create a new Domain
- Determine which to deploy as
ProductionorDevelopment and testing, as per your requirements. - Choose the Version you want to use (e.g.,
OpenSearch 2.5(latest)) - Complete the basic infrastructure configuration settings for the domain. Note that fine-grained access control is not supported on the
t2.*family of instance-types. We recommend by default selecting anr5.large.searchorm5.large.searchas your node type. - Configure Public access for the domain and enable fine-grained access control
- Select
Create master userand create a master username and password with a secure password - Configure the Access Policy to "
Only use fine-grained access control(i.eAllow open access to the domain)". Note, access to the domain under this configuration is controlled via the Fine-grained access control module within OpenSearch.
In order to configure OpenSearch to accept logs from the Kinesis Firehose stream, you will need to add a role to your cluster:
- Navigate to the Amazon OpenSearch Management Console and select your cluster
- Click the link to the OpenSearch Dashboard under the
General information - Once logged in to the OpenSearch Dashboard, navigate to
Security>Rolesvia the menu on the left - Create a new Role named '
firehose' - Grant the following permissions:
{ "cluster_permissions": [ "cluster_composite_ops", "cluster_monitor" ], "index_permissions": [{ "index_patterns": [ "*" ], "allowed_actions": [ "create_index", "manage", "crud" ] }] }
- Note, you can set the value under index_patterns to the prefix of the index you have set when deploying the CloudFormation template for the solution.
Save the changes
- In the OpenSearch Dashboard, navigate to
Security>RolesMapping - Select the '
firehose' role and then go to the ‘Mapped user’ tab - Click the
Manage mappingto add a new Role Mapping - Under Backend roles, add the ARN of the Role assigned to Kinesis Firehose which is listed in the CloudFormation Stack Outputs under the value "
DeliveryRoleArn" once the template deploys successfully
Save the changes. Now Kinesis Firehose can post to your OpenSearch cluster.
- In the OpenSearch Dashboard, navigate to
Dev Tools - Create the index by using the
PUTcommand followed by the index name. The OpenSearch index name is what you provided while deploying the CloudFormation template in the parameter 'ElasticSearchIndexName'
- Next create the index schema by using command
PUT INDEX_NAME/_mappingsalong with the schema definition available under 'templates/elasticsearch_mappings.json'
- In the OpenSearch Dashboard, navigate to the
Stack Management - Click '
Index Patterns' and select 'Create index patterns'
- Enter the index name and you should see it listed in below search result and click '
Next step'
- Select
event_timeas the Time filter field name and click 'Create index pattern'
You should be able to see all the fields in the index and its data types and other search index attributes. At this stage we are ready to start building the dashboards on OpenSearch.
- In the OpenSearch Dashboard, navigate to the
Stack Management - Click on '
Saved Objects' and click theImportlink on the right hand side. - Select '
export.ndjson' file which is under foldertemplatesand import the dashboard. - Navigate to Dashboard and select the newly created dashboard (e.g.,
IVSQoS5). - You should see a set of visualizations auto created and its time now to push some events to see the dashboard in action