Firehose.Client.
create_delivery_stream
(**kwargs)¶Creates a Kinesis Data Firehose delivery stream.
By default, you can create up to 50 delivery streams per Amazon Web Services Region.
This is an asynchronous operation that immediately returns. The initial status of the delivery stream is CREATING
. After the delivery stream is created, its status is ACTIVE
and it now accepts data. If the delivery stream creation fails, the status transitions to CREATING_FAILED
. Attempts to send data to a delivery stream that is not in the ACTIVE
state cause an exception. To check the state of a delivery stream, use DescribeDeliveryStream.
If the status of a delivery stream is CREATING_FAILED
, this status doesn't change, and you can't invoke CreateDeliveryStream
again on it. However, you can invoke the DeleteDeliveryStream operation to delete it.
A Kinesis Data Firehose delivery stream can be configured to receive records directly from providers using PutRecord or PutRecordBatch, or it can be configured to use an existing Kinesis stream as its source. To specify a Kinesis data stream as input, set the DeliveryStreamType
parameter to KinesisStreamAsSource
, and provide the Kinesis stream Amazon Resource Name (ARN) and role ARN in the KinesisStreamSourceConfiguration
parameter.
To create a delivery stream with server-side encryption (SSE) enabled, include DeliveryStreamEncryptionConfigurationInput in your request. This is optional. You can also invoke StartDeliveryStreamEncryption to turn on SSE for an existing delivery stream that doesn't have SSE enabled.
A delivery stream is configured with a single destination: Amazon S3, Amazon ES, Amazon Redshift, or Splunk. You must specify only one of the following destination configuration parameters: ExtendedS3DestinationConfiguration
, S3DestinationConfiguration
, ElasticsearchDestinationConfiguration
, RedshiftDestinationConfiguration
, or SplunkDestinationConfiguration
.
When you specify S3DestinationConfiguration
, you can also provide the following optional values: BufferingHints, EncryptionConfiguration
, and CompressionFormat
. By default, if no BufferingHints
value is provided, Kinesis Data Firehose buffers data up to 5 MB or for 5 minutes, whichever condition is satisfied first. BufferingHints
is a hint, so there are some cases where the service cannot adhere to these conditions strictly. For example, record boundaries might be such that the size is a little over or under the configured buffering size. By default, no encryption is performed. We strongly recommend that you enable encryption to ensure secure data storage in Amazon S3.
A few notes about Amazon Redshift as a destination:
COPY
syntax to load data into an Amazon Redshift table. This is specified in the RedshiftDestinationConfiguration.S3Configuration
parameter.SNAPPY
or ZIP
cannot be specified in RedshiftDestinationConfiguration.S3Configuration
because the Amazon Redshift COPY
operation that reads from the S3 bucket doesn't support these compression formats.INSERT
permissions.Kinesis Data Firehose assumes the IAM role that is configured as part of the destination. The role should allow the Kinesis Data Firehose principal to assume the role, and the role should have permissions that allow the service to deliver the data. For more information, see Grant Kinesis Data Firehose Access to an Amazon S3 Destination in the Amazon Kinesis Data Firehose Developer Guide .
See also: AWS API Documentation
Request Syntax
response = client.create_delivery_stream(
DeliveryStreamName='string',
DeliveryStreamType='DirectPut'|'KinesisStreamAsSource',
KinesisStreamSourceConfiguration={
'KinesisStreamARN': 'string',
'RoleARN': 'string'
},
DeliveryStreamEncryptionConfigurationInput={
'KeyARN': 'string',
'KeyType': 'AWS_OWNED_CMK'|'CUSTOMER_MANAGED_CMK'
},
S3DestinationConfiguration={
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
ExtendedS3DestinationConfiguration={
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
},
'ProcessingConfiguration': {
'Enabled': True|False,
'Processors': [
{
'Type': 'RecordDeAggregation'|'Lambda'|'MetadataExtraction'|'AppendDelimiterToRecord',
'Parameters': [
{
'ParameterName': 'LambdaArn'|'NumberOfRetries'|'MetadataExtractionQuery'|'JsonParsingEngine'|'RoleArn'|'BufferSizeInMBs'|'BufferIntervalInSeconds'|'SubRecordType'|'Delimiter',
'ParameterValue': 'string'
},
]
},
]
},
'S3BackupMode': 'Disabled'|'Enabled',
'S3BackupConfiguration': {
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
'DataFormatConversionConfiguration': {
'SchemaConfiguration': {
'RoleARN': 'string',
'CatalogId': 'string',
'DatabaseName': 'string',
'TableName': 'string',
'Region': 'string',
'VersionId': 'string'
},
'InputFormatConfiguration': {
'Deserializer': {
'OpenXJsonSerDe': {
'ConvertDotsInJsonKeysToUnderscores': True|False,
'CaseInsensitive': True|False,
'ColumnToJsonKeyMappings': {
'string': 'string'
}
},
'HiveJsonSerDe': {
'TimestampFormats': [
'string',
]
}
}
},
'OutputFormatConfiguration': {
'Serializer': {
'ParquetSerDe': {
'BlockSizeBytes': 123,
'PageSizeBytes': 123,
'Compression': 'UNCOMPRESSED'|'GZIP'|'SNAPPY',
'EnableDictionaryCompression': True|False,
'MaxPaddingBytes': 123,
'WriterVersion': 'V1'|'V2'
},
'OrcSerDe': {
'StripeSizeBytes': 123,
'BlockSizeBytes': 123,
'RowIndexStride': 123,
'EnablePadding': True|False,
'PaddingTolerance': 123.0,
'Compression': 'NONE'|'ZLIB'|'SNAPPY',
'BloomFilterColumns': [
'string',
],
'BloomFilterFalsePositiveProbability': 123.0,
'DictionaryKeyThreshold': 123.0,
'FormatVersion': 'V0_11'|'V0_12'
}
}
},
'Enabled': True|False
},
'DynamicPartitioningConfiguration': {
'RetryOptions': {
'DurationInSeconds': 123
},
'Enabled': True|False
}
},
RedshiftDestinationConfiguration={
'RoleARN': 'string',
'ClusterJDBCURL': 'string',
'CopyCommand': {
'DataTableName': 'string',
'DataTableColumns': 'string',
'CopyOptions': 'string'
},
'Username': 'string',
'Password': 'string',
'RetryOptions': {
'DurationInSeconds': 123
},
'S3Configuration': {
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
'ProcessingConfiguration': {
'Enabled': True|False,
'Processors': [
{
'Type': 'RecordDeAggregation'|'Lambda'|'MetadataExtraction'|'AppendDelimiterToRecord',
'Parameters': [
{
'ParameterName': 'LambdaArn'|'NumberOfRetries'|'MetadataExtractionQuery'|'JsonParsingEngine'|'RoleArn'|'BufferSizeInMBs'|'BufferIntervalInSeconds'|'SubRecordType'|'Delimiter',
'ParameterValue': 'string'
},
]
},
]
},
'S3BackupMode': 'Disabled'|'Enabled',
'S3BackupConfiguration': {
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
ElasticsearchDestinationConfiguration={
'RoleARN': 'string',
'DomainARN': 'string',
'ClusterEndpoint': 'string',
'IndexName': 'string',
'TypeName': 'string',
'IndexRotationPeriod': 'NoRotation'|'OneHour'|'OneDay'|'OneWeek'|'OneMonth',
'BufferingHints': {
'IntervalInSeconds': 123,
'SizeInMBs': 123
},
'RetryOptions': {
'DurationInSeconds': 123
},
'S3BackupMode': 'FailedDocumentsOnly'|'AllDocuments',
'S3Configuration': {
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
'ProcessingConfiguration': {
'Enabled': True|False,
'Processors': [
{
'Type': 'RecordDeAggregation'|'Lambda'|'MetadataExtraction'|'AppendDelimiterToRecord',
'Parameters': [
{
'ParameterName': 'LambdaArn'|'NumberOfRetries'|'MetadataExtractionQuery'|'JsonParsingEngine'|'RoleArn'|'BufferSizeInMBs'|'BufferIntervalInSeconds'|'SubRecordType'|'Delimiter',
'ParameterValue': 'string'
},
]
},
]
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
},
'VpcConfiguration': {
'SubnetIds': [
'string',
],
'RoleARN': 'string',
'SecurityGroupIds': [
'string',
]
}
},
AmazonopensearchserviceDestinationConfiguration={
'RoleARN': 'string',
'DomainARN': 'string',
'ClusterEndpoint': 'string',
'IndexName': 'string',
'TypeName': 'string',
'IndexRotationPeriod': 'NoRotation'|'OneHour'|'OneDay'|'OneWeek'|'OneMonth',
'BufferingHints': {
'IntervalInSeconds': 123,
'SizeInMBs': 123
},
'RetryOptions': {
'DurationInSeconds': 123
},
'S3BackupMode': 'FailedDocumentsOnly'|'AllDocuments',
'S3Configuration': {
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
'ProcessingConfiguration': {
'Enabled': True|False,
'Processors': [
{
'Type': 'RecordDeAggregation'|'Lambda'|'MetadataExtraction'|'AppendDelimiterToRecord',
'Parameters': [
{
'ParameterName': 'LambdaArn'|'NumberOfRetries'|'MetadataExtractionQuery'|'JsonParsingEngine'|'RoleArn'|'BufferSizeInMBs'|'BufferIntervalInSeconds'|'SubRecordType'|'Delimiter',
'ParameterValue': 'string'
},
]
},
]
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
},
'VpcConfiguration': {
'SubnetIds': [
'string',
],
'RoleARN': 'string',
'SecurityGroupIds': [
'string',
]
}
},
SplunkDestinationConfiguration={
'HECEndpoint': 'string',
'HECEndpointType': 'Raw'|'Event',
'HECToken': 'string',
'HECAcknowledgmentTimeoutInSeconds': 123,
'RetryOptions': {
'DurationInSeconds': 123
},
'S3BackupMode': 'FailedEventsOnly'|'AllEvents',
'S3Configuration': {
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
'ProcessingConfiguration': {
'Enabled': True|False,
'Processors': [
{
'Type': 'RecordDeAggregation'|'Lambda'|'MetadataExtraction'|'AppendDelimiterToRecord',
'Parameters': [
{
'ParameterName': 'LambdaArn'|'NumberOfRetries'|'MetadataExtractionQuery'|'JsonParsingEngine'|'RoleArn'|'BufferSizeInMBs'|'BufferIntervalInSeconds'|'SubRecordType'|'Delimiter',
'ParameterValue': 'string'
},
]
},
]
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
HttpEndpointDestinationConfiguration={
'EndpointConfiguration': {
'Url': 'string',
'Name': 'string',
'AccessKey': 'string'
},
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
},
'RequestConfiguration': {
'ContentEncoding': 'NONE'|'GZIP',
'CommonAttributes': [
{
'AttributeName': 'string',
'AttributeValue': 'string'
},
]
},
'ProcessingConfiguration': {
'Enabled': True|False,
'Processors': [
{
'Type': 'RecordDeAggregation'|'Lambda'|'MetadataExtraction'|'AppendDelimiterToRecord',
'Parameters': [
{
'ParameterName': 'LambdaArn'|'NumberOfRetries'|'MetadataExtractionQuery'|'JsonParsingEngine'|'RoleArn'|'BufferSizeInMBs'|'BufferIntervalInSeconds'|'SubRecordType'|'Delimiter',
'ParameterValue': 'string'
},
]
},
]
},
'RoleARN': 'string',
'RetryOptions': {
'DurationInSeconds': 123
},
'S3BackupMode': 'FailedDataOnly'|'AllData',
'S3Configuration': {
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
}
},
Tags=[
{
'Key': 'string',
'Value': 'string'
},
],
AmazonOpenSearchServerlessDestinationConfiguration={
'RoleARN': 'string',
'CollectionEndpoint': 'string',
'IndexName': 'string',
'BufferingHints': {
'IntervalInSeconds': 123,
'SizeInMBs': 123
},
'RetryOptions': {
'DurationInSeconds': 123
},
'S3BackupMode': 'FailedDocumentsOnly'|'AllDocuments',
'S3Configuration': {
'RoleARN': 'string',
'BucketARN': 'string',
'Prefix': 'string',
'ErrorOutputPrefix': 'string',
'BufferingHints': {
'SizeInMBs': 123,
'IntervalInSeconds': 123
},
'CompressionFormat': 'UNCOMPRESSED'|'GZIP'|'ZIP'|'Snappy'|'HADOOP_SNAPPY',
'EncryptionConfiguration': {
'NoEncryptionConfig': 'NoEncryption',
'KMSEncryptionConfig': {
'AWSKMSKeyARN': 'string'
}
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
}
},
'ProcessingConfiguration': {
'Enabled': True|False,
'Processors': [
{
'Type': 'RecordDeAggregation'|'Lambda'|'MetadataExtraction'|'AppendDelimiterToRecord',
'Parameters': [
{
'ParameterName': 'LambdaArn'|'NumberOfRetries'|'MetadataExtractionQuery'|'JsonParsingEngine'|'RoleArn'|'BufferSizeInMBs'|'BufferIntervalInSeconds'|'SubRecordType'|'Delimiter',
'ParameterValue': 'string'
},
]
},
]
},
'CloudWatchLoggingOptions': {
'Enabled': True|False,
'LogGroupName': 'string',
'LogStreamName': 'string'
},
'VpcConfiguration': {
'SubnetIds': [
'string',
],
'RoleARN': 'string',
'SecurityGroupIds': [
'string',
]
}
}
)
[REQUIRED]
The name of the delivery stream. This name must be unique per Amazon Web Services account in the same Amazon Web Services Region. If the delivery streams are in different accounts or different Regions, you can have multiple delivery streams with the same name.
The delivery stream type. This parameter can be one of the following values:
DirectPut
: Provider applications access the delivery stream directly.KinesisStreamAsSource
: The delivery stream uses a Kinesis data stream as a source.When a Kinesis data stream is used as the source for the delivery stream, a KinesisStreamSourceConfiguration containing the Kinesis data stream Amazon Resource Name (ARN) and the role ARN for the source stream.
The ARN of the source Kinesis data stream. For more information, see Amazon Kinesis Data Streams ARN Format.
The ARN of the role that provides access to the source Kinesis data stream. For more information, see Amazon Web Services Identity and Access Management (IAM) ARN Format.
Used to specify the type and Amazon Resource Name (ARN) of the KMS key needed for Server-Side Encryption (SSE).
If you set KeyType
to CUSTOMER_MANAGED_CMK
, you must specify the Amazon Resource Name (ARN) of the CMK. If you set KeyType
to Amazon Web Services_OWNED_CMK
, Kinesis Data Firehose uses a service-account CMK.
Indicates the type of customer master key (CMK) to use for encryption. The default setting is Amazon Web Services_OWNED_CMK
. For more information about CMKs, see Customer Master Keys (CMKs). When you invoke CreateDeliveryStream or StartDeliveryStreamEncryption with KeyType
set to CUSTOMER_MANAGED_CMK, Kinesis Data Firehose invokes the Amazon KMS operation CreateGrant to create a grant that allows the Kinesis Data Firehose service to use the customer managed CMK to perform encryption and decryption. Kinesis Data Firehose manages that grant.
When you invoke StartDeliveryStreamEncryption to change the CMK for a delivery stream that is encrypted with a customer managed CMK, Kinesis Data Firehose schedules the grant it had on the old CMK for retirement.
You can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams. If a CreateDeliveryStream or StartDeliveryStreamEncryption operation exceeds this limit, Kinesis Data Firehose throws a LimitExceededException
.
Warning
To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see About Symmetric and Asymmetric CMKs in the Amazon Web Services Key Management Service developer guide.
[Deprecated] The destination in Amazon S3. You can specify only one destination.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The destination in Amazon S3. You can specify only one destination.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The Amazon CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The data processing configuration.
Enables or disables data processing.
The data processors.
Describes a data processor.
The type of processor.
The processor parameters.
Describes the processor parameter.
The name of the parameter. Currently the following default values are supported: 3 for NumberOfRetries
and 60 for the BufferIntervalInSeconds
. The BufferSizeInMBs
ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.
The parameter value.
The Amazon S3 backup mode. After you create a delivery stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the delivery stream to disable it.
The configuration for backup in Amazon S3.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.
Specifies the Amazon Web Services Glue Data Catalog table that contains the column information. This parameter is required if Enabled
is set to true.
The role that Kinesis Data Firehose can use to access Amazon Web Services Glue. This role must be in the same account you use for Kinesis Data Firehose. Cross-account roles aren't allowed.
Warning
If the SchemaConfiguration
request parameter is used as part of invoking the CreateDeliveryStream
API, then the RoleARN
property is required and its value must be specified.
The ID of the Amazon Web Services Glue Data Catalog. If you don't supply this, the Amazon Web Services account ID is used by default.
Specifies the name of the Amazon Web Services Glue database that contains the schema for the output data.
Warning
If the SchemaConfiguration
request parameter is used as part of invoking the CreateDeliveryStream
API, then the DatabaseName
property is required and its value must be specified.
Specifies the Amazon Web Services Glue table that contains the column information that constitutes your data schema.
Warning
If the SchemaConfiguration
request parameter is used as part of invoking the CreateDeliveryStream
API, then the TableName
property is required and its value must be specified.
If you don't specify an Amazon Web Services Region, the default is the current Region.
Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to LATEST
, Kinesis Data Firehose uses the most recent version. This means that any updates to the table are automatically picked up.
Specifies the deserializer that you want Kinesis Data Firehose to use to convert the format of your data from JSON. This parameter is required if Enabled
is set to true.
Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.
The OpenX SerDe. Used by Kinesis Data Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.
When set to true
, specifies that the names of the keys include dots and that you want Kinesis Data Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is "a.b", you can define the column name to be "a_b" when using this option.
The default is false
.
When set to true
, which is the default, Kinesis Data Firehose converts JSON keys to lowercase before deserializing them.
Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, timestamp
is a Hive keyword. If you have a JSON key named timestamp
, set this parameter to {"ts": "timestamp"}
to map this key to a column named ts
.
The native Hive / HCatalog JsonSerDe. Used by Kinesis Data Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.
Indicates how you want Kinesis Data Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see Class DateTimeFormat. You can also use the special value millis
to parse timestamps in epoch milliseconds. If you don't specify a format, Kinesis Data Firehose uses java.sql.Timestamp::valueOf
by default.
Specifies the serializer that you want Kinesis Data Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if Enabled
is set to true.
Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.
A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see Apache Parquet.
The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Kinesis Data Firehose uses this value for padding calculations.
The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.
The compression code to use over data blocks. The possible values are UNCOMPRESSED
, SNAPPY
, and GZIP
, with the default being SNAPPY
. Use SNAPPY
for higher decompression speed. Use GZIP
if the compression ratio is more important than speed.
Indicates whether to enable dictionary compression.
The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.
Indicates the version of row format to output. The possible values are V1
and V2
. The default is V1
.
A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see Apache ORC.
The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.
The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Kinesis Data Firehose uses this value for padding calculations.
The number of rows between index entries. The default is 10,000 and the minimum is 1,000.
Set this to true
to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is false
.
A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.
For the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.
Kinesis Data Firehose ignores this parameter when OrcSerDe$EnablePadding is false
.
The compression code to use over data blocks. The default is SNAPPY
.
The column names for which you want Kinesis Data Firehose to create bloom filters. The default is null
.
The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.
Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.
The version of the file to write. The possible values are V0_11
and V0_12
. The default is V0_12
.
Defaults to true
. Set it to false
if you want to disable format conversion while preserving the configuration details.
The configuration of the dynamic partitioning mechanism that creates smaller data sets from the streaming data by partitioning it based on partition keys. Currently, dynamic partitioning is only supported for Amazon S3 destinations.
The retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.
The period of time during which Kinesis Data Firehose retries to deliver data to the specified Amazon S3 prefix.
Specifies that the dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.
The destination in Amazon Redshift. You can specify only one destination.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The database connection string.
The COPY
command.
The name of the target table. The table must already exist in the database.
A comma-separated list of column names.
Optional parameters to use with the Amazon Redshift COPY
command. For more information, see the "Optional Parameters" section of Amazon Redshift COPY command. Some possible examples that would apply to Kinesis Data Firehose are as follows:
delimiter '\t' lzop;
- fields are delimited with "t" (TAB character) and compressed using lzop.
delimiter '|'
- fields are delimited with "|" (this is the default delimiter).
delimiter '|' escape
- the delimiter should be escaped.
fixedwidth 'venueid:3,venuename:25,venuecity:12,venuestate:2,venueseats:6'
- fields are fixed width in the source, with each width specified after every column in the table.
JSON 's3://mybucket/jsonpaths.txt'
- data is in JSON format, and the path specified is the format of the data.
For more examples, see Amazon Redshift COPY command examples.
The name of the user.
The user password.
The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).
The length of time during which Kinesis Data Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Kinesis Data Firehose does not retry if the value of DurationInSeconds
is 0 (zero) or if the first delivery attempt takes longer than the current value.
The configuration for the intermediate Amazon S3 location from which Amazon Redshift obtains data. Restrictions are described in the topic for CreateDeliveryStream.
The compression formats SNAPPY
or ZIP
cannot be specified in RedshiftDestinationConfiguration.S3Configuration
because the Amazon Redshift COPY
operation that reads from the S3 bucket doesn't support these compression formats.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The data processing configuration.
Enables or disables data processing.
The data processors.
Describes a data processor.
The type of processor.
The processor parameters.
Describes the processor parameter.
The name of the parameter. Currently the following default values are supported: 3 for NumberOfRetries
and 60 for the BufferIntervalInSeconds
. The BufferSizeInMBs
ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.
The parameter value.
The Amazon S3 backup mode. After you create a delivery stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the delivery stream to disable it.
The configuration for backup in Amazon S3.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The destination in Amazon ES. You can specify only one destination.
The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see Grant Kinesis Data Firehose Access to an Amazon S3 Destination and Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the Amazon ES domain. The IAM role must have permissions for DescribeDomain
, DescribeDomains
, and DescribeDomainConfig
after assuming the role specified in RoleARN . For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
Specify either ClusterEndpoint
or DomainARN
.
The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint
or the DomainARN
field.
The Elasticsearch index name.
The Elasticsearch type name. For Elasticsearch 6.x, there can be only one type per index. If you try to specify a new type for an existing index that already has another type, Kinesis Data Firehose returns an error during run time.
For Elasticsearch 7.x, don't specify a TypeName
.
The Elasticsearch index rotation period. Index rotation appends a timestamp to the IndexName
to facilitate the expiration of old data. For more information, see Index Rotation for the Amazon ES Destination. The default value is OneDay
.
The buffering options. If no value is specified, the default values for ElasticsearchBufferingHints
are used.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).
Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.
The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon ES. The default value is 300 (5 minutes).
After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.
Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly
, Kinesis Data Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/
appended to the key prefix. When set to AllDocuments
, Kinesis Data Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/
appended to the prefix. For more information, see Amazon S3 Backup for the Amazon ES Destination. Default value is FailedDocumentsOnly
.
You can't change this backup mode after you create the delivery stream.
The configuration for the backup Amazon S3 location.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The data processing configuration.
Enables or disables data processing.
The data processors.
Describes a data processor.
The type of processor.
The processor parameters.
Describes the processor parameter.
The name of the parameter. Currently the following default values are supported: 3 for NumberOfRetries
and 60 for the BufferIntervalInSeconds
. The BufferSizeInMBs
ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.
The parameter value.
The Amazon CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The details of the VPC of the Amazon ES destination.
The IDs of the subnets that you want Kinesis Data Firehose to use to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.
The number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here. For more information about ENI quota, see Network Interfaces in the Amazon VPC Quotas topic.
The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:
ec2:DescribeVpcs
ec2:DescribeVpcAttribute
ec2:DescribeSubnets
ec2:DescribeSecurityGroups
ec2:DescribeNetworkInterfaces
ec2:CreateNetworkInterface
ec2:CreateNetworkInterfacePermission
ec2:DeleteNetworkInterface
If you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.
The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic. For more information about security group rules, see Security group rules in the Amazon VPC documentation.
The destination in Amazon OpenSearch Service. You can specify only one destination.
The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.
The ARN of the Amazon OpenSearch Service domain. The IAM role must have permissions for DescribeElasticsearchDomain, DescribeElasticsearchDomains, and DescribeElasticsearchDomainConfig after assuming the role specified in RoleARN.
The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.
The ElasticsearAmazon OpenSearch Service index name.
The Amazon OpenSearch Service type name. For Elasticsearch 6.x, there can be only one type per index. If you try to specify a new type for an existing index that already has another type, Kinesis Data Firehose returns an error during run time.
The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.
The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).
Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.
The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).
After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.
Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Kinesis Data Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Kinesis Data Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.
Describes the configuration of a destination in Amazon S3.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
Describes a data processing configuration.
Enables or disables data processing.
The data processors.
Describes a data processor.
The type of processor.
The processor parameters.
Describes the processor parameter.
The name of the parameter. Currently the following default values are supported: 3 for NumberOfRetries
and 60 for the BufferIntervalInSeconds
. The BufferSizeInMBs
ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.
The parameter value.
Describes the Amazon CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The details of the VPC of the Amazon ES destination.
The IDs of the subnets that you want Kinesis Data Firehose to use to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.
The number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here. For more information about ENI quota, see Network Interfaces in the Amazon VPC Quotas topic.
The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:
ec2:DescribeVpcs
ec2:DescribeVpcAttribute
ec2:DescribeSubnets
ec2:DescribeSecurityGroups
ec2:DescribeNetworkInterfaces
ec2:CreateNetworkInterface
ec2:CreateNetworkInterfacePermission
ec2:DeleteNetworkInterface
If you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.
The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic. For more information about security group rules, see Security group rules in the Amazon VPC documentation.
The destination in Splunk. You can specify only one destination.
The HTTP Event Collector (HEC) endpoint to which Kinesis Data Firehose sends your data.
This type can be either "Raw" or "Event."
This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.
The amount of time that Kinesis Data Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Kinesis Data Firehose either tries to send the data again or considers it an error, based on your retry settings.
The retry behavior in case Kinesis Data Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.
The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from Splunk after each attempt.
Defines how documents should be delivered to Amazon S3. When set to FailedEventsOnly
, Kinesis Data Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to AllEvents
, Kinesis Data Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is FailedEventsOnly
.
You can update this backup mode from FailedEventsOnly
to AllEvents
. You can't update it from AllEvents
to FailedEventsOnly
.
The configuration for the backup Amazon S3 location.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The data processing configuration.
Enables or disables data processing.
The data processors.
Describes a data processor.
The type of processor.
The processor parameters.
Describes the processor parameter.
The name of the parameter. Currently the following default values are supported: 3 for NumberOfRetries
and 60 for the BufferIntervalInSeconds
. The BufferSizeInMBs
ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.
The parameter value.
The Amazon CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.
The configuration of the HTTP endpoint selected as the destination.
The URL of the HTTP endpoint selected as the destination.
Warning
If you choose an HTTP endpoint as your destination, review and follow the instructions in the Appendix - HTTP Endpoint Delivery Request and Response Specifications.
The name of the HTTP endpoint selected as the destination.
The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.
The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs
and IntervalInSeconds
parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.
Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).
Describes the Amazon CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The configuration of the requeste sent to the HTTP endpoint specified as the destination.
Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.
Describes the metadata sent to the HTTP endpoint destination.
Describes the metadata that's delivered to the specified HTTP endpoint destination.
The name of the HTTP endpoint common attribute.
The value of the HTTP endpoint common attribute.
Describes a data processing configuration.
Enables or disables data processing.
The data processors.
Describes a data processor.
The type of processor.
The processor parameters.
Describes the processor parameter.
The name of the parameter. Currently the following default values are supported: 3 for NumberOfRetries
and 60 for the BufferIntervalInSeconds
. The BufferSizeInMBs
ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.
The parameter value.
Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.
Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.
The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.
Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents ( AllData
) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination ( FailedDataOnly
).
Describes the configuration of a destination in Amazon S3.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
A set of tags to assign to the delivery stream. A tag is a key-value pair that you can define and assign to Amazon Web Services resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the delivery stream. For more information about tags, see Using Cost Allocation Tags in the Amazon Web Services Billing and Cost Management User Guide.
You can specify up to 50 tags when creating a delivery stream.
Metadata that you can assign to a delivery stream, consisting of a key-value pair.
A unique identifier for the tag. Maximum length: 128 characters. Valid characters: Unicode letters, digits, white space, _ . / = + - % @
An optional string, which you can use to describe or define the tag. Maximum length: 256 characters. Valid characters: Unicode letters, digits, white space, _ . / = + - % @
The destination in the Serverless offering for Amazon OpenSearch Service. You can specify only one destination.
The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.
The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.
The Serverless offering for Amazon OpenSearch Service index name.
The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).
Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.
The retry behavior in case Kinesis Data Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).
After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.
Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Kinesis Data Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Kinesis Data Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.
Describes the configuration of a destination in Amazon S3.
The Amazon Resource Name (ARN) of the Amazon Web Services credentials. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The ARN of the S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The "YYYY/MM/DD/HH" time format prefix is automatically used for delivered Amazon S3 files. You can also specify a custom prefix, as described in Custom Prefixes for Amazon S3 Objects.
A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see Custom Prefixes for Amazon S3 Objects.
The buffering option. If no value is specified, BufferingHints
object default values are used.
Buffer incoming data to the specified size, in MiBs, before delivering it to the destination. The default value is 5. This parameter is optional but if you specify a value for it, you must also specify a value for IntervalInSeconds
, and vice versa.
We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MiB/sec, the value should be 10 MiB or higher.
Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300. This parameter is optional but if you specify a value for it, you must also specify a value for SizeInMBs
, and vice versa.
The compression format. If no value is specified, the default is UNCOMPRESSED
.
The compression formats SNAPPY
or ZIP
cannot be specified for Amazon Redshift destinations because they are not supported by the Amazon Redshift COPY
operation that reads from the S3 bucket.
The encryption configuration. If no value is specified, the default is no encryption.
Specifically override existing encryption information to ensure that no encryption is used.
The encryption key.
The Amazon Resource Name (ARN) of the encryption key. Must belong to the same Amazon Web Services Region as the destination Amazon S3 bucket. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces.
The CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
Describes a data processing configuration.
Enables or disables data processing.
The data processors.
Describes a data processor.
The type of processor.
The processor parameters.
Describes the processor parameter.
The name of the parameter. Currently the following default values are supported: 3 for NumberOfRetries
and 60 for the BufferIntervalInSeconds
. The BufferSizeInMBs
ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.
The parameter value.
Describes the Amazon CloudWatch logging options for your delivery stream.
Enables or disables CloudWatch logging.
The CloudWatch group name for logging. This value is required if CloudWatch logging is enabled.
The CloudWatch log stream name for logging. This value is required if CloudWatch logging is enabled.
The details of the VPC of the Amazon ES destination.
The IDs of the subnets that you want Kinesis Data Firehose to use to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.
The number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here. For more information about ENI quota, see Network Interfaces in the Amazon VPC Quotas topic.
The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:
ec2:DescribeVpcs
ec2:DescribeVpcAttribute
ec2:DescribeSubnets
ec2:DescribeSecurityGroups
ec2:DescribeNetworkInterfaces
ec2:CreateNetworkInterface
ec2:CreateNetworkInterfacePermission
ec2:DeleteNetworkInterface
If you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.
The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic. For more information about security group rules, see Security group rules in the Amazon VPC documentation.
dict
Response Syntax
{
'DeliveryStreamARN': 'string'
}
Response Structure
(dict) --
DeliveryStreamARN (string) --
The ARN of the delivery stream.
Exceptions
Firehose.Client.exceptions.InvalidArgumentException
Firehose.Client.exceptions.LimitExceededException
Firehose.Client.exceptions.ResourceInUseException
Firehose.Client.exceptions.InvalidKMSResourceException