OpenSearch Endpoint Integration for Existing Amazon Connect Environment [DRAFT]
This document will serve as a guide in migrating the public OpenSearch to be redeployed in a private VPC.
Procedure
Create a backup snapshot stored in S3.
No downtime required
When migrating OpenSearch from public to private VPC you need to deploy a new one.
Deleting the old OpenSearch would be irreversible.
To potentially rollback – we need to take a manual snapshot of the OpenSearch store on S3
The snapshot can be used to recover the OpenSearch if needed.
Customer Side:
Create an S3 bucket to store Elasticsearch snapshot repository[s3://emite-{client-name}-snapshots/repository]
Attach an IAM Polciy to the eMite role to allow creation of the repository on S3[arn:aws:iam::{AWS-Account-Number}:role/emite-elasticsearch-s3repo-role]
Also attach this policy to Elasticsearch service role
eMite Side:
Create the repository and the backup snapshot before the start of the upgrade activity.
Deploy a new OpenSearch using a cloudformation template provided by eMite:
Download the CF template from this link:
Parameters:
Use the same size of data nodes.
Use the same number of data nodes.
Authorize Emite AWS Account to Use OpenSearch VPC Endpoint
Now that the Kinesis Stream and Firehose have been set up, we can now enable data streaming from Amazon Connect.
Go to the OpenSearch Console > Select the "emite-kinesis-connect"
Go to VPC Endpoints tab > Select Authorize Principal
Input the AWS Account ID referring to EmiteAccountID parameter.
Attach the IAM Role from the OLD Elasticsearch to the newly deployed one.
eMite Cloud Ops:
Once the EmiteAccountID has been authorized we will now create a VPC Endpoint to connect to the OpenSearch.
Once the VPC Endpoint has been established. We will now restore the data from the snapshot that is stored in S3.
Modify Schema, RTBI, and Global Configuration file to store data in the OpenSearch.
Customer Side:
Will now confirm there are any missing data.
Manually delete the OpenSearch from the AWS Console.