Current security group doesn't allow DNS requests, therefor lambda function can't resolve ES cluster DNS name.

('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution')): ConnectionError
Traceback (most recent call last):
File "/var/task/es-cleanup.py", line 180, in lambda_handler
for index in es.get_indices():
File "/var/task/es-cleanup.py", line 165, in get_indices
return self.send_to_es("/_cat/indices")
File "/var/task/es-cleanup.py", line 119, in send_to_es
res = session.send(preq)
File "/var/runtime/botocore/vendored/requests/sessions.py", line 573, in send
r = adapter.send(request, **kwargs)
File "/var/runtime/botocore/vendored/requests/adapters.py", line 415, in send
raise ConnectionError(err, request=request)
botocore.vendored.requests.exceptions.ConnectionError: ('Connection aborted.', gaierror(-3, 'Temporary failure in name resolution'))

Taking the following scenario into discussion where we would have the ES cleaner run against all indices in an ES cluster with the exception of a particular indice pattern, for example to exclude all indices matching openshift-infra-%Y.%m.%d.

I've tested adding an expression as openshift-infra-* to the skip_index parameter and when invoked manually, it finds the respective indice but also returns:

• "Keeping index: openshift-infra-2019.10.01"

For the default .kibana,.kibana_5 indice that "Keeping..." output is not returned, thus I assume it is skipped successfully.

Not very familiar with Python, thus I want to ask if the skip_index variable supports delimiting indices through regular expressions? Alternatively I guess the indices can be defined in the index variable instead of all value, which also raises the same question, if it supports expressions? :)

When I run es-cleanup.py locally it deletes the indices as expected.

When I run 'Test' in Lambda or lambda invoke on the command-line I get a timeout and the operation doesn't complete. CloudWatch Logs simply shows the time the command was invoked but no errors.

What could be wrong here?

only available in terraform #10

From v6.7.0 of Kibana, Kibana settings are stored within the .kibana_N indices where the .kibana index is an alias pointing to the latest .kibana_N index (e.g. .kibana_5).

Rather than only ignoring the .kibana index, it would make sense to ignore anything starting with .kibana

In my AWS Open Search cluster I have diverse index formats, such as:

• xxxxx-2021.09.09 (%Y.%m.%d index format)
• xxxxx-2021-08-11 (%Y-%m-%d index format)

Will be great if the lambda could evaluate different index formats simultaneously, i.o index_format = [ %Y.%m.%d, %Y-%m-%d, .... ]

when the related issue of

hashicorp/terraform-provider-aws#443
already resolved in
hashicorp/terraform-provider-aws#1341
but never merged

Optimised the terraform code

This would allow having a "cold" storage of logs/indexes before destroying them completely. The snapshots themselves should have a retention time as well.

Hi, I'm using in lambda function. From few days I'm facing below issue.

You can only send PreparedRequests.: ValueError
Traceback (most recent call last):
File "/var/task/lambda_function.py", line 180, in lambda_handler
for index in es.get_indices():
File "/var/task/lambda_function.py", line 165, in get_indices
return self.send_to_es("/_cat/indices")
File "/var/task/lambda_function.py", line 119, in send_to_es
res = session.send(preq)
File "/var/runtime/botocore/vendored/requests/sessions.py", line 551, in send
raise ValueError('You can only send PreparedRequests.')
ValueError: You can only send PreparedRequests.

The sns_alert is not used anywhere.

as discussed in #20 add on readme add AWSLambdaVPCAccessExecutionRole

Sorry, this is an enhancement!

aws-lambda-es-cleanup works when the date is part of the index like cwl-2017.08.28.

I'm wondering how challenging it would be to delete by date as part of a mapping? In the following example, the date is part of the index.

{
  "mappings": {
    "my_type": {
      "properties": {
        "date": {
          "type":   "date",
          "format": "yyyy-MM-dd"
        }
      }
    }
  }
}

Thank you for your response regarding me earlier issue. I agree that my request was too customized to offer any benefit.

If it's of interest, I built a CFN for this at, https://github.com/piedmont01/aws-lambda-es-cleanup/blob/master/CFN/aws-lambda-es-cleanup.yaml

Erick Kendall

If this ARN is valid this should be parameterised/omitted.

In the Terraform Provider, you are creating a package, however said package is not creating the file as other readable. This results in the function being unable to execute and spewing out an error message from the Lambda function:
START RequestId: x-x-x-x Version: $LATEST
module initialization error: [Errno 13] Permission denied: '/var/task/es-cleanup.py'

As per docs here, The file needs to be world readable as per the requirements:
https://docs.aws.amazon.com/lambda/latest/dg/deployment-package-v2.html

Further to this, this is actually a bug either with the data provider or lambda uploader in terraform:
hashicorp/terraform-provider-aws#3918

Zip info confirming permissions issue with world readable file:
$zipinfo es-cleanup.zip
Archive: es-cleanup.zip
Zip file size: 2346 bytes, number of entries: 1
-rwxrwx--- 2.0 unx 6485 bl defN 49-Jan-01 00:00 es-cleanup.py
1 file, 6485 bytes uncompressed, 2206 bytes compressed: 66.0%