From b61f67ce19397fffe38956e805204505aa664174 Mon Sep 17 00:00:00 2001 From: Murad Biashimov Date: Tue, 15 Oct 2024 11:57:59 +0200 Subject: [PATCH] refactor: remove reSensitive (#1842) --- docs/data-sources/opensearch.md | 101 +++++++++ docs/resources/grafana.md | 2 +- docs/resources/kafka.md | 2 +- docs/resources/kafka_connect.md | 2 +- docs/resources/opensearch.md | 121 +++++++++- .../resources/service_integration_endpoint.md | 14 +- docs/resources/thanos.md | 2 +- go.mod | 2 +- go.sum | 4 +- .../sdkprovider/userconfig/service/grafana.go | 1 - .../sdkprovider/userconfig/service/kafka.go | 1 - .../userconfig/service/kafka_connect.go | 1 - .../userconfig/service/opensearch.go | 213 +++++++++++++++++- .../sdkprovider/userconfig/service/thanos.go | 1 + .../external_aws_cloudwatch_logs.go | 1 - .../external_aws_cloudwatch_metrics.go | 1 - .../external_aws_s3.go | 1 - .../external_google_cloud_bigquery.go | 1 + .../external_google_cloud_logging.go | 1 + .../external_kafka.go | 1 + .../serviceintegrationendpoint/rsyslog.go | 1 + ucgenerator/main.go | 6 +- 22 files changed, 453 insertions(+), 27 deletions(-) diff --git a/docs/data-sources/opensearch.md b/docs/data-sources/opensearch.md index d91b0f019..9978ff2c5 100644 --- a/docs/data-sources/opensearch.md +++ b/docs/data-sources/opensearch.md @@ -245,7 +245,9 @@ Read-Only: - `plugins_alerting_filter_by_backend_roles` (Boolean) - `reindex_remote_whitelist` (List of String) - `script_max_compilations_rate` (String) +- `search_backpressure` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--search_backpressure)) - `search_max_buckets` (Number) +- `shard_indexing_pressure` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--shard_indexing_pressure)) - `thread_pool_analyze_queue_size` (Number) - `thread_pool_analyze_size` (Number) - `thread_pool_force_merge_size` (Number) @@ -294,6 +296,105 @@ Read-Only: + +### Nested Schema for `opensearch_user_config.opensearch.search_backpressure` + +Read-Only: + +- `mode` (String) +- `node_duress` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--search_backpressure--node_duress)) +- `search_shard_task` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--search_backpressure--search_shard_task)) +- `search_task` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--search_backpressure--search_task)) + + +### Nested Schema for `opensearch_user_config.opensearch.search_backpressure.node_duress` + +Read-Only: + +- `cpu_threshold` (Number) +- `heap_threshold` (Number) +- `num_successive_breaches` (Number) + + + +### Nested Schema for `opensearch_user_config.opensearch.search_backpressure.search_shard_task` + +Read-Only: + +- `cancellation_burst` (Number) +- `cancellation_rate` (Number) +- `cancellation_ratio` (Number) +- `cpu_time_millis_threshold` (Number) +- `elapsed_time_millis_threshold` (Number) +- `heap_moving_average_window_size` (Number) +- `heap_percent_threshold` (Number) +- `heap_variance` (Number) +- `total_heap_percent_threshold` (Number) + + + +### Nested Schema for `opensearch_user_config.opensearch.search_backpressure.search_task` + +Read-Only: + +- `cancellation_burst` (Number) +- `cancellation_rate` (Number) +- `cancellation_ratio` (Number) +- `cpu_time_millis_threshold` (Number) +- `elapsed_time_millis_threshold` (Number) +- `heap_moving_average_window_size` (Number) +- `heap_percent_threshold` (Number) +- `heap_variance` (Number) +- `total_heap_percent_threshold` (Number) + + + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure` + +Read-Only: + +- `enabled` (Boolean) +- `enforced` (Boolean) +- `operating_factor` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--shard_indexing_pressure--operating_factor)) +- `primary_parameter` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--shard_indexing_pressure--primary_parameter)) + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure.operating_factor` + +Read-Only: + +- `lower` (Number) +- `optimal` (Number) +- `upper` (Number) + + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure.primary_parameter` + +Read-Only: + +- `node` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--shard_indexing_pressure--primary_parameter--node)) +- `shard` (List of Object) (see [below for nested schema](#nestedobjatt--opensearch_user_config--opensearch--shard_indexing_pressure--primary_parameter--shard)) + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure.primary_parameter.node` + +Read-Only: + +- `soft_limit` (Number) + + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure.primary_parameter.shard` + +Read-Only: + +- `min_limit` (Number) + + + + ### Nested Schema for `opensearch_user_config.opensearch_dashboards` diff --git a/docs/resources/grafana.md b/docs/resources/grafana.md index f8063c7f3..5d6295dc8 100644 --- a/docs/resources/grafana.md +++ b/docs/resources/grafana.md @@ -237,7 +237,7 @@ Optional: Required: -- `access_key` (String, Sensitive) S3 access key. Requires permissions to the S3 bucket for the s3:PutObject and s3:PutObjectAcl actions. Example: `AAAAAAAAAAAAAAAAAAA`. +- `access_key` (String) S3 access key. Requires permissions to the S3 bucket for the s3:PutObject and s3:PutObjectAcl actions. Example: `AAAAAAAAAAAAAAAAAAA`. - `bucket_url` (String) Bucket URL for S3. Example: `https://grafana.s3-ap-southeast-2.amazonaws.com/`. - `provider` (String) Enum: `s3`. Provider type. - `secret_key` (String, Sensitive) S3 secret key. Example: `AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`. diff --git a/docs/resources/kafka.md b/docs/resources/kafka.md index 485da1322..33b45ca5f 100644 --- a/docs/resources/kafka.md +++ b/docs/resources/kafka.md @@ -260,7 +260,7 @@ Required: Optional: -- `access_key` (String, Sensitive) Access key used to authenticate with aws. +- `access_key` (String) Access key used to authenticate with aws. - `secret_key` (String, Sensitive) Secret key used to authenticate with aws. diff --git a/docs/resources/kafka_connect.md b/docs/resources/kafka_connect.md index 2246bd992..c6976029c 100644 --- a/docs/resources/kafka_connect.md +++ b/docs/resources/kafka_connect.md @@ -210,7 +210,7 @@ Required: Optional: -- `access_key` (String, Sensitive) Access key used to authenticate with aws. +- `access_key` (String) Access key used to authenticate with aws. - `secret_key` (String, Sensitive) Secret key used to authenticate with aws. diff --git a/docs/resources/opensearch.md b/docs/resources/opensearch.md index ffe7d98c6..f1c18a984 100644 --- a/docs/resources/opensearch.md +++ b/docs/resources/opensearch.md @@ -270,7 +270,9 @@ Optional: - `plugins_alerting_filter_by_backend_roles` (Boolean) Enable or disable filtering of alerting by backend roles. Requires Security plugin. Defaults to false. - `reindex_remote_whitelist` (List of String) Whitelisted addresses for reindexing. Changing this value will cause all OpenSearch instances to restart. - `script_max_compilations_rate` (String) Script compilation circuit breaker limits the number of inline script compilations within a period of time. Default is use-context. Example: `75/5m`. +- `search_backpressure` (Block List, Max: 1) Search Backpressure Settings (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--search_backpressure)) - `search_max_buckets` (Number) Maximum number of aggregation buckets allowed in a single response. OpenSearch default value is used when this is not defined. Example: `10000`. +- `shard_indexing_pressure` (Block List, Max: 1) Shard indexing back pressure settings (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--shard_indexing_pressure)) - `thread_pool_analyze_queue_size` (Number) Size for the thread pool queue. See documentation for exact details. - `thread_pool_analyze_size` (Number) Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value. - `thread_pool_force_merge_size` (Number) Size for the thread pool. See documentation for exact details. Do note this may have maximum value depending on CPU count - value is automatically lowered if set to higher than maximum value. @@ -319,6 +321,123 @@ Optional: + +### Nested Schema for `opensearch_user_config.opensearch.search_backpressure` + +Optional: + +- `mode` (String) Enum: `monitor_only`, `enforced`, `disabled`. The search backpressure mode. Valid values are monitor_only, enforced, or disabled. Default is monitor_only. +- `node_duress` (Block List, Max: 1) Node duress settings (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--search_backpressure--node_duress)) +- `search_shard_task` (Block List, Max: 1) Search shard settings (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--search_backpressure--search_shard_task)) +- `search_task` (Block List, Max: 1) Search task settings (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--search_backpressure--search_task)) + + +### Nested Schema for `opensearch_user_config.opensearch.search_backpressure.node_duress` + +Optional: + +- `cpu_threshold` (Number) The CPU usage threshold (as a percentage) required for a node to be considered to be under duress. Default is 0.9. +- `heap_threshold` (Number) The heap usage threshold (as a percentage) required for a node to be considered to be under duress. Default is 0.7. +- `num_successive_breaches` (Number) The number of successive limit breaches after which the node is considered to be under duress. Default is 3. + + + +### Nested Schema for `opensearch_user_config.opensearch.search_backpressure.search_shard_task` + +Optional: + +- `cancellation_burst` (Number) The maximum number of search tasks to cancel in a single iteration of the observer thread. Default is 10.0. +- `cancellation_rate` (Number) The maximum number of tasks to cancel per millisecond of elapsed time. Default is 0.003. +- `cancellation_ratio` (Number) The maximum number of tasks to cancel, as a percentage of successful task completions. Default is 0.1. +- `cpu_time_millis_threshold` (Number) The CPU usage threshold (in milliseconds) required for a single search shard task before it is considered for cancellation. Default is 15000. +- `elapsed_time_millis_threshold` (Number) The elapsed time threshold (in milliseconds) required for a single search shard task before it is considered for cancellation. Default is 30000. +- `heap_moving_average_window_size` (Number) The number of previously completed search shard tasks to consider when calculating the rolling average of heap usage. Default is 100. +- `heap_percent_threshold` (Number) The heap usage threshold (as a percentage) required for a single search shard task before it is considered for cancellation. Default is 0.5. +- `heap_variance` (Number) The minimum variance required for a single search shard task’s heap usage compared to the rolling average of previously completed tasks before it is considered for cancellation. Default is 2.0. +- `total_heap_percent_threshold` (Number) The heap usage threshold (as a percentage) required for the sum of heap usages of all search shard tasks before cancellation is applied. Default is 0.5. + + + +### Nested Schema for `opensearch_user_config.opensearch.search_backpressure.search_task` + +Optional: + +- `cancellation_burst` (Number) The maximum number of search tasks to cancel in a single iteration of the observer thread. Default is 5.0. +- `cancellation_rate` (Number) The maximum number of search tasks to cancel per millisecond of elapsed time. Default is 0.003. +- `cancellation_ratio` (Number) The maximum number of search tasks to cancel, as a percentage of successful search task completions. Default is 0.1. +- `cpu_time_millis_threshold` (Number) The CPU usage threshold (in milliseconds) required for an individual parent task before it is considered for cancellation. Default is 30000. +- `elapsed_time_millis_threshold` (Number) The elapsed time threshold (in milliseconds) required for an individual parent task before it is considered for cancellation. Default is 45000. +- `heap_moving_average_window_size` (Number) The window size used to calculate the rolling average of the heap usage for the completed parent tasks. Default is 10. +- `heap_percent_threshold` (Number) The heap usage threshold (as a percentage) required for an individual parent task before it is considered for cancellation. Default is 0.2. +- `heap_variance` (Number) The heap usage variance required for an individual parent task before it is considered for cancellation. A task is considered for cancellation when taskHeapUsage is greater than or equal to heapUsageMovingAverage * variance. Default is 2.0. +- `total_heap_percent_threshold` (Number) The heap usage threshold (as a percentage) required for the sum of heap usages of all search tasks before cancellation is applied. Default is 0.5. + + + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure` + +Optional: + +- `enabled` (Boolean) Enable or disable shard indexing backpressure. Default is false. +- `enforced` (Boolean) Run shard indexing backpressure in shadow mode or enforced mode. + In shadow mode (value set as false), shard indexing backpressure tracks all granular-level metrics, + but it doesn’t actually reject any indexing requests. + In enforced mode (value set as true), + shard indexing backpressure rejects any requests to the cluster that might cause a dip in its performance. + Default is false. +- `operating_factor` (Block List, Max: 1) Operating factor (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--shard_indexing_pressure--operating_factor)) +- `primary_parameter` (Block List, Max: 1) Primary parameter (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--shard_indexing_pressure--primary_parameter)) + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure.operating_factor` + +Optional: + +- `lower` (Number) Specify the lower occupancy limit of the allocated quota of memory for the shard. + If the total memory usage of a shard is below this limit, + shard indexing backpressure decreases the current allocated memory for that shard. + Default is 0.75. +- `optimal` (Number) Specify the optimal occupancy of the allocated quota of memory for the shard. + If the total memory usage of a shard is at this level, + shard indexing backpressure doesn’t change the current allocated memory for that shard. + Default is 0.85. +- `upper` (Number) Specify the upper occupancy limit of the allocated quota of memory for the shard. + If the total memory usage of a shard is above this limit, + shard indexing backpressure increases the current allocated memory for that shard. + Default is 0.95. + + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure.primary_parameter` + +Optional: + +- `node` (Block List, Max: 1) (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--shard_indexing_pressure--primary_parameter--node)) +- `shard` (Block List, Max: 1) (see [below for nested schema](#nestedblock--opensearch_user_config--opensearch--shard_indexing_pressure--primary_parameter--shard)) + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure.primary_parameter.node` + +Optional: + +- `soft_limit` (Number) Define the percentage of the node-level memory + threshold that acts as a soft indicator for strain on a node. + Default is 0.7. + + + +### Nested Schema for `opensearch_user_config.opensearch.shard_indexing_pressure.primary_parameter.shard` + +Optional: + +- `min_limit` (Number) Specify the minimum assigned quota for a new shard in any role (coordinator, primary, or replica). + Shard indexing backpressure increases or decreases this allocated quota based on the inflow of traffic for the shard. + Default is 0.001. + + + + ### Nested Schema for `opensearch_user_config.opensearch_dashboards` @@ -365,7 +484,7 @@ Optional: Required: -- `access_key` (String, Sensitive) AWS Access key. +- `access_key` (String) AWS Access key. - `base_path` (String) The path to the repository data within its container. The value of this setting should not start or end with a /. - `bucket` (String) S3 bucket name. - `region` (String) S3 region. diff --git a/docs/resources/service_integration_endpoint.md b/docs/resources/service_integration_endpoint.md index 6e749a50e..88df8738c 100644 --- a/docs/resources/service_integration_endpoint.md +++ b/docs/resources/service_integration_endpoint.md @@ -80,7 +80,7 @@ Optional: Required: -- `access_key` (String, Sensitive) AWS access key. Required permissions are logs:CreateLogGroup, logs:CreateLogStream, logs:PutLogEvents and logs:DescribeLogStreams. Example: `AAAAAAAAAAAAAAAAAAAA`. +- `access_key` (String) AWS access key. Required permissions are logs:CreateLogGroup, logs:CreateLogStream, logs:PutLogEvents and logs:DescribeLogStreams. Example: `AAAAAAAAAAAAAAAAAAAA`. - `region` (String) AWS region. Example: `us-east-1`. - `secret_key` (String, Sensitive) AWS secret key. Example: `AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`. @@ -94,7 +94,7 @@ Optional: Required: -- `access_key` (String, Sensitive) AWS access key. Required permissions are cloudwatch:PutMetricData. Example: `AAAAAAAAAAAAAAAAAAAA`. +- `access_key` (String) AWS access key. Required permissions are cloudwatch:PutMetricData. Example: `AAAAAAAAAAAAAAAAAAAA`. - `namespace` (String) AWS CloudWatch Metrics Namespace. Example: `my-metrics-namespace`. - `region` (String) AWS region. Example: `us-east-1`. - `secret_key` (String, Sensitive) AWS secret key. Example: `AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`. @@ -105,7 +105,7 @@ Required: Required: -- `access_key_id` (String, Sensitive) Access Key Id. Example: `AAAAAAAAAAAAAAAAAAA`. +- `access_key_id` (String) Access Key Id. Example: `AAAAAAAAAAAAAAAAAAA`. - `secret_access_key` (String, Sensitive) Secret Access Key. Example: `AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`. - `url` (String) S3-compatible bucket URL. Example: `https://mybucket.s3-myregion.amazonaws.com/mydataset/`. @@ -145,7 +145,7 @@ Optional: Required: - `project_id` (String) GCP project id. Example: `snappy-photon-12345`. -- `service_account_credentials` (String) This is a JSON object with the fields documented in https://cloud.google.com/iam/docs/creating-managing-service-account-keys. Example: `{"type": "service_account", ...`. +- `service_account_credentials` (String, Sensitive) This is a JSON object with the fields documented in https://cloud.google.com/iam/docs/creating-managing-service-account-keys. Example: `{"type": "service_account", ...`. @@ -155,7 +155,7 @@ Required: - `log_id` (String) Google Cloud Logging log id. Example: `syslog`. - `project_id` (String) GCP project id. Example: `snappy-photon-12345`. -- `service_account_credentials` (String) This is a JSON object with the fields documented in https://cloud.google.com/iam/docs/creating-managing-service-account-keys. Example: `{"type": "service_account", ...`. +- `service_account_credentials` (String, Sensitive) This is a JSON object with the fields documented in https://cloud.google.com/iam/docs/creating-managing-service-account-keys. Example: `{"type": "service_account", ...`. @@ -179,7 +179,7 @@ Optional: ... -----END CERTIFICATE----- `. -- `ssl_client_key` (String) PEM-encoded client key. Example: `-----BEGIN PRIVATE KEY----- +- `ssl_client_key` (String, Sensitive) PEM-encoded client key. Example: `-----BEGIN PRIVATE KEY----- ... -----END PRIVATE KEY----- `. @@ -302,7 +302,7 @@ Optional: ... -----END CERTIFICATE----- `. -- `key` (String) PEM encoded client key. Example: `-----BEGIN PRIVATE KEY----- +- `key` (String, Sensitive) PEM encoded client key. Example: `-----BEGIN PRIVATE KEY----- ... -----END PRIVATE KEY----- `. diff --git a/docs/resources/thanos.md b/docs/resources/thanos.md index 1efa79fe9..8796b6d2f 100644 --- a/docs/resources/thanos.md +++ b/docs/resources/thanos.md @@ -116,7 +116,7 @@ Read-Only: Optional: - `compactor` (Block List, Max: 1) ThanosCompactor (see [below for nested schema](#nestedblock--thanos_user_config--compactor)) -- `env` (Map of String) Environmental variables. +- `env` (Map of String, Deprecated) Environmental variables. - `ip_filter` (Set of String, Deprecated) Allow incoming connections from CIDR address block, e.g. `10.20.0.0/16`. - `ip_filter_object` (Block Set, Max: 1024) Allow incoming connections from CIDR address block, e.g. `10.20.0.0/16` (see [below for nested schema](#nestedblock--thanos_user_config--ip_filter_object)) - `ip_filter_string` (Set of String) Allow incoming connections from CIDR address block, e.g. `10.20.0.0/16`. diff --git a/go.mod b/go.mod index 89ff1f093..c578e59a1 100644 --- a/go.mod +++ b/go.mod @@ -59,7 +59,7 @@ require ( cloud.google.com/go v0.112.0 // indirect cloud.google.com/go/storage v1.36.0 // indirect github.com/agext/levenshtein v1.2.3 // indirect - github.com/aiven/go-api-schemas v1.91.0 + github.com/aiven/go-api-schemas v1.92.0 github.com/aws/aws-sdk-go v1.44.122 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect github.com/davecgh/go-spew v1.1.1 // indirect diff --git a/go.sum b/go.sum index 7d90d5a8c..fe0e28dab 100644 --- a/go.sum +++ b/go.sum @@ -197,8 +197,8 @@ github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7l github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/aiven/aiven-go-client/v2 v2.28.0 h1:P2UgIeUCwtDEgeeQkC1sdcWJHat1ViDc03QHS0OrUgQ= github.com/aiven/aiven-go-client/v2 v2.28.0/go.mod h1:KdHfLIlIRZIfCSEBd39j1Q81jlSb6Nd+oCQKqERfnuA= -github.com/aiven/go-api-schemas v1.91.0 h1:jiJpRwFKf3IcuZtMIzDmNyICmX0ayqDYMh9QF0GoFZY= -github.com/aiven/go-api-schemas v1.91.0/go.mod h1:qS3E/3R+aKQbHsqXzNHqlXATY1kbVNzhiJvk2IDmADI= +github.com/aiven/go-api-schemas v1.92.0 h1:nEPgkMAupqmqaBoVq3/MaKJqZwHstkVeLdCR8M8pBC0= +github.com/aiven/go-api-schemas v1.92.0/go.mod h1:qS3E/3R+aKQbHsqXzNHqlXATY1kbVNzhiJvk2IDmADI= github.com/aiven/go-client-codegen v0.41.0 h1:lFjl8njSqLmqbXzcHAD0nRBql/U8Ik5x68t+3f0kTnQ= github.com/aiven/go-client-codegen v0.41.0/go.mod h1:FfbH32Xb+Hx5zeKTIug1Y8SfMeB+AKNRzxgrzkts2oA= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= diff --git a/internal/sdkprovider/userconfig/service/grafana.go b/internal/sdkprovider/userconfig/service/grafana.go index 1db08e130..6a25cfbd1 100644 --- a/internal/sdkprovider/userconfig/service/grafana.go +++ b/internal/sdkprovider/userconfig/service/grafana.go @@ -431,7 +431,6 @@ func grafanaUserConfig() *schema.Schema { "access_key": { Description: "S3 access key. Requires permissions to the S3 bucket for the s3:PutObject and s3:PutObjectAcl actions. Example: `AAAAAAAAAAAAAAAAAAA`.", Required: true, - Sensitive: true, Type: schema.TypeString, }, "bucket_url": { diff --git a/internal/sdkprovider/userconfig/service/kafka.go b/internal/sdkprovider/userconfig/service/kafka.go index 63b9c78cd..15361f3ba 100644 --- a/internal/sdkprovider/userconfig/service/kafka.go +++ b/internal/sdkprovider/userconfig/service/kafka.go @@ -450,7 +450,6 @@ func kafkaUserConfig() *schema.Schema { "access_key": { Description: "Access key used to authenticate with aws.", Optional: true, - Sensitive: true, Type: schema.TypeString, }, "auth_method": { diff --git a/internal/sdkprovider/userconfig/service/kafka_connect.go b/internal/sdkprovider/userconfig/service/kafka_connect.go index 2f844dcbc..dc44309c9 100644 --- a/internal/sdkprovider/userconfig/service/kafka_connect.go +++ b/internal/sdkprovider/userconfig/service/kafka_connect.go @@ -224,7 +224,6 @@ func kafkaConnectUserConfig() *schema.Schema { "access_key": { Description: "Access key used to authenticate with aws.", Optional: true, - Sensitive: true, Type: schema.TypeString, }, "auth_method": { diff --git a/internal/sdkprovider/userconfig/service/opensearch.go b/internal/sdkprovider/userconfig/service/opensearch.go index 5164dae7b..c24ee2f65 100644 --- a/internal/sdkprovider/userconfig/service/opensearch.go +++ b/internal/sdkprovider/userconfig/service/opensearch.go @@ -591,11 +591,223 @@ func opensearchUserConfig() *schema.Schema { Optional: true, Type: schema.TypeString, }, + "search_backpressure": { + Description: "Search Backpressure Settings", + Elem: &schema.Resource{Schema: map[string]*schema.Schema{ + "mode": { + Description: "Enum: `monitor_only`, `enforced`, `disabled`. The search backpressure mode. Valid values are monitor_only, enforced, or disabled. Default is monitor_only.", + Optional: true, + Type: schema.TypeString, + ValidateFunc: validation.StringInSlice([]string{"monitor_only", "enforced", "disabled"}, false), + }, + "node_duress": { + Description: "Node duress settings", + Elem: &schema.Resource{Schema: map[string]*schema.Schema{ + "cpu_threshold": { + Description: "The CPU usage threshold (as a percentage) required for a node to be considered to be under duress. Default is 0.9.", + Optional: true, + Type: schema.TypeFloat, + }, + "heap_threshold": { + Description: "The heap usage threshold (as a percentage) required for a node to be considered to be under duress. Default is 0.7.", + Optional: true, + Type: schema.TypeFloat, + }, + "num_successive_breaches": { + Description: "The number of successive limit breaches after which the node is considered to be under duress. Default is 3.", + Optional: true, + Type: schema.TypeInt, + }, + }}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, + "search_shard_task": { + Description: "Search shard settings", + Elem: &schema.Resource{Schema: map[string]*schema.Schema{ + "cancellation_burst": { + Description: "The maximum number of search tasks to cancel in a single iteration of the observer thread. Default is 10.0.", + Optional: true, + Type: schema.TypeFloat, + }, + "cancellation_rate": { + Description: "The maximum number of tasks to cancel per millisecond of elapsed time. Default is 0.003.", + Optional: true, + Type: schema.TypeFloat, + }, + "cancellation_ratio": { + Description: "The maximum number of tasks to cancel, as a percentage of successful task completions. Default is 0.1.", + Optional: true, + Type: schema.TypeFloat, + }, + "cpu_time_millis_threshold": { + Description: "The CPU usage threshold (in milliseconds) required for a single search shard task before it is considered for cancellation. Default is 15000.", + Optional: true, + Type: schema.TypeInt, + }, + "elapsed_time_millis_threshold": { + Description: "The elapsed time threshold (in milliseconds) required for a single search shard task before it is considered for cancellation. Default is 30000.", + Optional: true, + Type: schema.TypeInt, + }, + "heap_moving_average_window_size": { + Description: "The number of previously completed search shard tasks to consider when calculating the rolling average of heap usage. Default is 100.", + Optional: true, + Type: schema.TypeInt, + }, + "heap_percent_threshold": { + Description: "The heap usage threshold (as a percentage) required for a single search shard task before it is considered for cancellation. Default is 0.5.", + Optional: true, + Type: schema.TypeFloat, + }, + "heap_variance": { + Description: "The minimum variance required for a single search shard task’s heap usage compared to the rolling average of previously completed tasks before it is considered for cancellation. Default is 2.0.", + Optional: true, + Type: schema.TypeFloat, + }, + "total_heap_percent_threshold": { + Description: "The heap usage threshold (as a percentage) required for the sum of heap usages of all search shard tasks before cancellation is applied. Default is 0.5.", + Optional: true, + Type: schema.TypeFloat, + }, + }}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, + "search_task": { + Description: "Search task settings", + Elem: &schema.Resource{Schema: map[string]*schema.Schema{ + "cancellation_burst": { + Description: "The maximum number of search tasks to cancel in a single iteration of the observer thread. Default is 5.0.", + Optional: true, + Type: schema.TypeFloat, + }, + "cancellation_rate": { + Description: "The maximum number of search tasks to cancel per millisecond of elapsed time. Default is 0.003.", + Optional: true, + Type: schema.TypeFloat, + }, + "cancellation_ratio": { + Description: "The maximum number of search tasks to cancel, as a percentage of successful search task completions. Default is 0.1.", + Optional: true, + Type: schema.TypeFloat, + }, + "cpu_time_millis_threshold": { + Description: "The CPU usage threshold (in milliseconds) required for an individual parent task before it is considered for cancellation. Default is 30000.", + Optional: true, + Type: schema.TypeInt, + }, + "elapsed_time_millis_threshold": { + Description: "The elapsed time threshold (in milliseconds) required for an individual parent task before it is considered for cancellation. Default is 45000.", + Optional: true, + Type: schema.TypeInt, + }, + "heap_moving_average_window_size": { + Description: "The window size used to calculate the rolling average of the heap usage for the completed parent tasks. Default is 10.", + Optional: true, + Type: schema.TypeInt, + }, + "heap_percent_threshold": { + Description: "The heap usage threshold (as a percentage) required for an individual parent task before it is considered for cancellation. Default is 0.2.", + Optional: true, + Type: schema.TypeFloat, + }, + "heap_variance": { + Description: "The heap usage variance required for an individual parent task before it is considered for cancellation. A task is considered for cancellation when taskHeapUsage is greater than or equal to heapUsageMovingAverage * variance. Default is 2.0.", + Optional: true, + Type: schema.TypeFloat, + }, + "total_heap_percent_threshold": { + Description: "The heap usage threshold (as a percentage) required for the sum of heap usages of all search tasks before cancellation is applied. Default is 0.5.", + Optional: true, + Type: schema.TypeFloat, + }, + }}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, + }}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, "search_max_buckets": { Description: "Maximum number of aggregation buckets allowed in a single response. OpenSearch default value is used when this is not defined. Example: `10000`.", Optional: true, Type: schema.TypeInt, }, + "shard_indexing_pressure": { + Description: "Shard indexing back pressure settings", + Elem: &schema.Resource{Schema: map[string]*schema.Schema{ + "enabled": { + Description: "Enable or disable shard indexing backpressure. Default is false.", + Optional: true, + Type: schema.TypeBool, + }, + "enforced": { + Description: "Run shard indexing backpressure in shadow mode or enforced mode.\n In shadow mode (value set as false), shard indexing backpressure tracks all granular-level metrics,\n but it doesn’t actually reject any indexing requests.\n In enforced mode (value set as true),\n shard indexing backpressure rejects any requests to the cluster that might cause a dip in its performance.\n Default is false.", + Optional: true, + Type: schema.TypeBool, + }, + "operating_factor": { + Description: "Operating factor", + Elem: &schema.Resource{Schema: map[string]*schema.Schema{ + "lower": { + Description: "Specify the lower occupancy limit of the allocated quota of memory for the shard.\n If the total memory usage of a shard is below this limit,\n shard indexing backpressure decreases the current allocated memory for that shard.\n Default is 0.75.", + Optional: true, + Type: schema.TypeFloat, + }, + "optimal": { + Description: "Specify the optimal occupancy of the allocated quota of memory for the shard.\n If the total memory usage of a shard is at this level,\n shard indexing backpressure doesn’t change the current allocated memory for that shard.\n Default is 0.85.", + Optional: true, + Type: schema.TypeFloat, + }, + "upper": { + Description: "Specify the upper occupancy limit of the allocated quota of memory for the shard.\n If the total memory usage of a shard is above this limit,\n shard indexing backpressure increases the current allocated memory for that shard.\n Default is 0.95.", + Optional: true, + Type: schema.TypeFloat, + }, + }}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, + "primary_parameter": { + Description: "Primary parameter", + Elem: &schema.Resource{Schema: map[string]*schema.Schema{ + "node": { + Elem: &schema.Resource{Schema: map[string]*schema.Schema{"soft_limit": { + Description: "Define the percentage of the node-level memory\n threshold that acts as a soft indicator for strain on a node.\n Default is 0.7.", + Optional: true, + Type: schema.TypeFloat, + }}}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, + "shard": { + Elem: &schema.Resource{Schema: map[string]*schema.Schema{"min_limit": { + Description: "Specify the minimum assigned quota for a new shard in any role (coordinator, primary, or replica).\n Shard indexing backpressure increases or decreases this allocated quota based on the inflow of traffic for the shard.\n Default is 0.001.", + Optional: true, + Type: schema.TypeFloat, + }}}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, + }}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, + }}, + MaxItems: 1, + Optional: true, + Type: schema.TypeList, + }, "thread_pool_analyze_queue_size": { Description: "Size for the thread pool queue. See documentation for exact details.", Optional: true, @@ -770,7 +982,6 @@ func opensearchUserConfig() *schema.Schema { "access_key": { Description: "AWS Access key.", Required: true, - Sensitive: true, Type: schema.TypeString, }, "base_path": { diff --git a/internal/sdkprovider/userconfig/service/thanos.go b/internal/sdkprovider/userconfig/service/thanos.go index 04d0e0eb1..55be45476 100644 --- a/internal/sdkprovider/userconfig/service/thanos.go +++ b/internal/sdkprovider/userconfig/service/thanos.go @@ -25,6 +25,7 @@ func thanosUserConfig() *schema.Schema { Type: schema.TypeList, }, "env": { + Deprecated: "This property is deprecated.", Description: "Environmental variables.", Optional: true, Type: schema.TypeMap, diff --git a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_cloudwatch_logs.go b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_cloudwatch_logs.go index 029c07116..812d195b9 100644 --- a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_cloudwatch_logs.go +++ b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_cloudwatch_logs.go @@ -16,7 +16,6 @@ func externalAwsCloudwatchLogsUserConfig() *schema.Schema { "access_key": { Description: "AWS access key. Required permissions are logs:CreateLogGroup, logs:CreateLogStream, logs:PutLogEvents and logs:DescribeLogStreams. Example: `AAAAAAAAAAAAAAAAAAAA`.", Required: true, - Sensitive: true, Type: schema.TypeString, }, "log_group_name": { diff --git a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_cloudwatch_metrics.go b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_cloudwatch_metrics.go index 0d438ebae..c9e01d2eb 100644 --- a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_cloudwatch_metrics.go +++ b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_cloudwatch_metrics.go @@ -16,7 +16,6 @@ func externalAwsCloudwatchMetricsUserConfig() *schema.Schema { "access_key": { Description: "AWS access key. Required permissions are cloudwatch:PutMetricData. Example: `AAAAAAAAAAAAAAAAAAAA`.", Required: true, - Sensitive: true, Type: schema.TypeString, }, "namespace": { diff --git a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_s3.go b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_s3.go index 44ccad6cd..35ff30429 100644 --- a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_s3.go +++ b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_aws_s3.go @@ -16,7 +16,6 @@ func externalAwsS3UserConfig() *schema.Schema { "access_key_id": { Description: "Access Key Id. Example: `AAAAAAAAAAAAAAAAAAA`.", Required: true, - Sensitive: true, Type: schema.TypeString, }, "secret_access_key": { diff --git a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_google_cloud_bigquery.go b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_google_cloud_bigquery.go index b4884c995..bb0a0a485 100644 --- a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_google_cloud_bigquery.go +++ b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_google_cloud_bigquery.go @@ -21,6 +21,7 @@ func externalGoogleCloudBigqueryUserConfig() *schema.Schema { "service_account_credentials": { Description: "This is a JSON object with the fields documented in https://cloud.google.com/iam/docs/creating-managing-service-account-keys. Example: `{\"type\": \"service_account\", ...`.", Required: true, + Sensitive: true, Type: schema.TypeString, }, }}, diff --git a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_google_cloud_logging.go b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_google_cloud_logging.go index 518952e83..93553ea45 100644 --- a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_google_cloud_logging.go +++ b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_google_cloud_logging.go @@ -26,6 +26,7 @@ func externalGoogleCloudLoggingUserConfig() *schema.Schema { "service_account_credentials": { Description: "This is a JSON object with the fields documented in https://cloud.google.com/iam/docs/creating-managing-service-account-keys. Example: `{\"type\": \"service_account\", ...`.", Required: true, + Sensitive: true, Type: schema.TypeString, }, }}, diff --git a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_kafka.go b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_kafka.go index 0b33fd982..45c7a6b57 100644 --- a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_kafka.go +++ b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_kafka.go @@ -55,6 +55,7 @@ func externalKafkaUserConfig() *schema.Schema { "ssl_client_key": { Description: "PEM-encoded client key. Example: `-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n`.", Optional: true, + Sensitive: true, Type: schema.TypeString, }, "ssl_endpoint_identification_algorithm": { diff --git a/internal/sdkprovider/userconfig/serviceintegrationendpoint/rsyslog.go b/internal/sdkprovider/userconfig/serviceintegrationendpoint/rsyslog.go index 4132755f6..08b1929bd 100644 --- a/internal/sdkprovider/userconfig/serviceintegrationendpoint/rsyslog.go +++ b/internal/sdkprovider/userconfig/serviceintegrationendpoint/rsyslog.go @@ -33,6 +33,7 @@ func rsyslogUserConfig() *schema.Schema { "key": { Description: "PEM encoded client key. Example: `-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n`.", Optional: true, + Sensitive: true, Type: schema.TypeString, }, "logline": { diff --git a/ucgenerator/main.go b/ucgenerator/main.go index 5c5b824bc..48868c601 100644 --- a/ucgenerator/main.go +++ b/ucgenerator/main.go @@ -250,7 +250,7 @@ func getSchemaValues(o *object) (jen.Dict, error) { } if o.isScalar() { - if o.IsSensitive || reSensitive.MatchString(o.jsonName) { + if o.IsSensitive { values[jen.Id("Sensitive")] = jen.True() } @@ -437,7 +437,3 @@ func toTitle(s string) string { } return s } - -// reSensitive finds sensitive fields -// ignores token_url -var reSensitive = regexp.MustCompile(`(secret|access_key|api_key|^token$|password)`)