In the example below, we create a client, an index with non-default settings, insert a document to the index, search for the document, delete the document and finally delete the index.
package main
import (
"context"
"crypto/tls"
"errors"
"fmt"
"net/http"
"os"
"strings"
"github.com/opensearch-project/opensearch-go/v3"
"github.com/opensearch-project/opensearch-go/v3/opensearchapi"
"github.com/opensearch-project/opensearch-go/v3/opensearchutil"
)
const IndexName = "go-test-index1"
func main() {
if err := example(); err != nil {
fmt.Println(fmt.Sprintf("Error: %s", err))
os.Exit(1)
}
}
func example() error {
// Initialize the client with SSL/TLS enabled.
client, err := opensearchapi.NewClient(
opensearchapi.Config{
Client: opensearch.Config{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // For testing only. Use certificate for validation.
},
Addresses: []string{"https://localhost:9200"},
Username: "admin", // For testing only. Don't store credentials in code.
Password: "admin",
},
},
)
if err != nil {
return err
}
ctx := context.Background()
// Print OpenSearch version information on console.
infoResp, err := client.Info(ctx, nil)
if err != nil {
return err
}
fmt.Printf("Cluster INFO:\n Cluster Name: %s\n Cluster UUID: %s\n Version Number: %s\n", infoResp.ClusterName, infoResp.ClusterUUID, infoResp.Version.Number)
// Define index mapping.
// Note: these particular settings (eg, shards/replicas)
// will have no effect in AWS OpenSearch Serverless
mapping := strings.NewReader(`{
"settings": {
"index": {
"number_of_shards": 4
}
}
}`)
// Create an index with non-default settings.
var opensearchError opensearchapi.Error
createIndexResponse, err := client.Indices.Create(
ctx,
opensearchapi.IndicesCreateReq{
Index: IndexName,
Body: mapping,
},
)
// Load err into opensearchapi.Error to access the fields and tolerate if the index already exists
if err != nil {
if errors.As(err, &opensearchError) {
if opensearchError.Err.Type != "resource_already_exists_exception" {
return err
}
} else {
return err
}
}
fmt.Printf("Created Index: %s\n Shards Acknowledged: %t\n", createIndexResponse.Index, createIndexResponse.ShardsAcknowledged)
// When using a structure, the conversion process to io.Reader can be omitted using utility functions.
document := struct {
Title string `json:"title"`
Director string `json:"director"`
Year string `json:"year"`
}{
Title: "Moneyball",
Director: "Bennett Miller",
Year: "2011",
}
docId := "1"
insertResp, err := client.Index(
ctx,
opensearchapi.IndexReq{
Index: IndexName,
DocumentID: docId,
Body: opensearchutil.NewJSONReader(&document),
}
)
if err != nil {
return err
}
fmt.Printf("Created document in %s\n ID: %s\n", insertResp.Index, insertResp.ID)
// Search for the document.
content := strings.NewReader(`{
"size": 5,
"query": {
"multi_match": {
"query": "miller",
"fields": ["title^2", "director"]
}
}
}`)
searchResp, err := client.Search(
ctx,
&opensearchapi.SearchReq{
Body: content,
}
)
if err != nil {
return err
}
if searchResp.Hits.Total.Value > 0 {
indices := make([]string, 0)
for _, hit := range searchResp.Hits.Hits {
add := true
for _, index := range indices {
if index == hit.Index {
add = false
}
}
if add {
indices = append(indices, hit.Index)
}
}
fmt.Printf("Search indices: %s\n", strings.Join(indices, ","))
}
/*
// Delete the document.
deleteReq := opensearchapi.DeleteReq{
Index: IndexName,
DocumentID: docId,
}
deleteResponse, err := client.Indices.Delete(ctx, deleteReq)
if err != nil {
return err
}
fmt.Println("deleting document")
fmt.Println(deleteResponse)
*/
// Delete previously created index.
deleteIndexResp, err := client.Indices.Delete(ctx, opensearchapi.IndicesDeleteReq{Index: []string{IndexName}})
if err != nil {
return err
}
fmt.Println(fmt.Sprintf("Deleted index: %t", deleteIndexResp.Acknowledged))
// Try to delete the index again which failes as it does not exist
// Load err into opensearchapi.Error to access the fields and tolerate if the index is missing
_, err = client.Indices.Delete(ctx, deleteIndex)
if err != nil {
if errors.As(err, &opensearchError) {
if opensearchError.Err.Type != "index_not_found_exception" {
return nil
}
} else {
return err
}
}
return nil
}
Before starting, we strongly recommend reading the full AWS documentation regarding using IAM credentials to sign requests to OpenSearch APIs. See Identity and Access Management in Amazon OpenSearch Service.
Even if you configure a completely open resource-based access policy, all requests to the OpenSearch Service configuration API must be signed. If your policies specify IAM users or roles, requests to the OpenSearch APIs also must be signed using AWS Signature Version 4.
Depending on the version of AWS SDK used, import the v1 or v2 request signer from signer/aws
or signer/awsv2
respectively. Both signers are equivalent in their functionality, they provide AWS Signature Version 4 (SigV4).
To read more about SigV4 see Signature Version 4 signing process
Here are some Go samples that show how to sign each OpenSearch request and automatically search for AWS credentials from the ~/.aws folder or environment variables:
package main
import (
"context"
"fmt"
"os"
"github.com/aws/aws-sdk-go/aws/session"
requestsigner "github.com/opensearch-project/opensearch-go/v3/signer/aws"
"github.com/opensearch-project/opensearch-go/v3"
"github.com/opensearch-project/opensearch-go/v3/opensearchapi"
)
const IndexName = "go-test-index1"
func main() {
if err := example(); err != nil {
fmt.Println(fmt.Sprintf("Error: %s", err))
os.Exit(1)
}
}
const endpoint = "" // e.g. https://opensearch-domain.region.com
func example() error {
// Create an AWS request Signer and load AWS configuration using default config folder or env vars.
// See https://docs.aws.amazon.com/opensearch-service/latest/developerguide/request-signing.html#request-signing-go
signer, err := requestsigner.NewSignerWithService(
session.Options{SharedConfigState: session.SharedConfigEnable},
requestsigner.OpenSearchService, // Use requestsigner.OpenSearchServerless for Amazon OpenSearch Serverless.
)
if err != nil {
return err
}
// Create an opensearch client and use the request-signer.
client, err := opensearchapi.NewClient(
opensearchapi.Config{
Client: opensearch.Config{
Addresses: []string{endpoint},
Signer: signer,
},
},
)
if err != nil {
return err
}
ctx := context.Background()
ping, err := client.Ping(ctx, nil)
if err != nil {
return err
}
fmt.Println(ping)
return nil
}
Use the AWS SDK v2 for Go to authenticate with Amazon OpenSearch service.
package main
import (
"context"
"fmt"
"os"
"strings"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/opensearch-project/opensearch-go/v3"
"github.com/opensearch-project/opensearch-go/v3/opensearchapi"
requestsigner "github.com/opensearch-project/opensearch-go/v3/signer/awsv2"
)
const endpoint = "" // e.g. https://opensearch-domain.region.com or Amazon OpenSearch Serverless endpoint
func main() {
if err := example(); err != nil {
fmt.Println(fmt.Sprintf("Error: %s", err))
os.Exit(1)
}
}
func example() error {
ctx := context.Background()
awsCfg, err := config.LoadDefaultConfig(ctx,
config.WithRegion("<AWS_REGION>"),
config.WithCredentialsProvider(
getCredentialProvider("<AWS_ACCESS_KEY>", "<AWS_SECRET_ACCESS_KEY>", "<AWS_SESSION_TOKEN>"),
),
)
if err != nil {
return err
}
// Create an AWS request Signer and load AWS configuration using default config folder or env vars.
signer, err := requestsigner.NewSignerWithService(awsCfg, "es") // Use "aoss" for Amazon OpenSearch Serverless
if err != nil {
return err
}
// Create an opensearch client and use the request-signer.
client, err := opensearchapi.NewClient(
opensearchapi.Config{
Client: opensearch.Config{
Addresses: []string{endpoint},
Signer: signer,
},
},
)
if err != nil {
return err
}
indexName := "go-test-index"
// Define index mapping.
mapping := strings.NewReader(`{
"settings": {
"index": {
"number_of_shards": 4
}
}
}`)
// Create an index with non-default settings.
createResp, err := client.Indices.Create(
ctx,
opensearchapi.IndicesCreateReq{
Index: indexName,
Body: mapping,
},
)
if err != nil {
return err
}
fmt.Println("created index: %s", createResp.Index)
delResp, err := client.Indices.Delete(ctx, opensearchapi.IndicesDeleteReq{Indices: []string{indexName}})
if err != nil {
return err
}
fmt.Println("deleted index: %#v", delResp.Acknowledged)
return nil
}
func getCredentialProvider(accessKey, secretAccessKey, token string) aws.CredentialsProviderFunc {
return func(ctx context.Context) (aws.Credentials, error) {
c := &aws.Credentials{
AccessKeyID: accessKey,
SecretAccessKey: secretAccessKey,
SessionToken: token,
}
return *c, nil
}
}