:doc:`MQ <../../mq>` / Client / update_broker

*************
update_broker
*************



.. py:method:: MQ.Client.update_broker(**kwargs)

  

  Adds a pending configuration change to a broker.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/mq-2017-11-27/UpdateBroker>`_  


  **Request Syntax**
  ::

    response = client.update_broker(
        AuthenticationStrategy='SIMPLE'|'LDAP'|'CONFIG_MANAGED',
        AutoMinorVersionUpgrade=True|False,
        BrokerId='string',
        Configuration={
            'Id': 'string',
            'Revision': 123
        },
        EngineVersion='string',
        HostInstanceType='string',
        LdapServerMetadata={
            'Hosts': [
                'string',
            ],
            'RoleBase': 'string',
            'RoleName': 'string',
            'RoleSearchMatching': 'string',
            'RoleSearchSubtree': True|False,
            'ServiceAccountPassword': 'string',
            'ServiceAccountUsername': 'string',
            'UserBase': 'string',
            'UserRoleName': 'string',
            'UserSearchMatching': 'string',
            'UserSearchSubtree': True|False
        },
        Logs={
            'Audit': True|False,
            'General': True|False
        },
        MaintenanceWindowStartTime={
            'DayOfWeek': 'MONDAY'|'TUESDAY'|'WEDNESDAY'|'THURSDAY'|'FRIDAY'|'SATURDAY'|'SUNDAY',
            'TimeOfDay': 'string',
            'TimeZone': 'string'
        },
        SecurityGroups=[
            'string',
        ],
        DataReplicationMode='NONE'|'CRDR'
    )
    
  :type AuthenticationStrategy: string
  :param AuthenticationStrategy: 

    Optional. The authentication strategy used to secure the broker. The default is SIMPLE.

    

  
  :type AutoMinorVersionUpgrade: boolean
  :param AutoMinorVersionUpgrade: 

    Enables automatic upgrades to new patch versions for brokers as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window or after a manual broker reboot.

     

    .. note::

      

      Must be set to true for ActiveMQ brokers version 5.18 and above and for RabbitMQ brokers version 3.13 and above.

      

    

  
  :type BrokerId: string
  :param BrokerId: **[REQUIRED]** 

    The unique ID that Amazon MQ generates for the broker.

    

  
  :type Configuration: dict
  :param Configuration: 

    A list of information about the configuration.

    

  
    - **Id** *(string) --* **[REQUIRED]** 

      Required. The unique ID that Amazon MQ generates for the configuration.

      

    
    - **Revision** *(integer) --* 

      The revision number of the configuration.

      

    
  
  :type EngineVersion: string
  :param EngineVersion: 

    The broker engine version. For more information, see the `ActiveMQ version management <https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/activemq-version-management.html>`__ and the `RabbitMQ version management <https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/rabbitmq-version-management.html>`__ sections in the Amazon MQ Developer Guide.

     

    .. note::

      

      When upgrading to ActiveMQ version 5.18 and above or RabbitMQ version 3.13 and above, you must have autoMinorVersionUpgrade set to true for the broker.

      

    

  
  :type HostInstanceType: string
  :param HostInstanceType: 

    The broker's host instance type to upgrade to. For a list of supported instance types, see `Broker instance types <https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/broker.html#broker-instance-types>`__.

    

  
  :type LdapServerMetadata: dict
  :param LdapServerMetadata: 

    Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. Does not apply to RabbitMQ brokers.

    

  
    - **Hosts** *(list) --* **[REQUIRED]** 

      Specifies the location of the LDAP server such as Directory Service for Microsoft Active Directory. Optional failover server.

      

    
      - *(string) --* 

      
  
    - **RoleBase** *(string) --* **[REQUIRED]** 

      The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp, dc=example, dc=com.

      

    
    - **RoleName** *(string) --* 

      Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.

      

    
    - **RoleSearchMatching** *(string) --* **[REQUIRED]** 

      The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase.

      

    
    - **RoleSearchSubtree** *(boolean) --* 

      The directory search scope for the role. If set to true, scope is to search the entire subtree.

      

    
    - **ServiceAccountPassword** *(string) --* **[REQUIRED]** 

      Service account password. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.

      

    
    - **ServiceAccountUsername** *(string) --* **[REQUIRED]** 

      Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.

      

    
    - **UserBase** *(string) --* **[REQUIRED]** 

      Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp, dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com.

      

    
    - **UserRoleName** *(string) --* 

      Specifies the name of the LDAP attribute for the user group membership.

      

    
    - **UserSearchMatching** *(string) --* **[REQUIRED]** 

      The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example, dc=com.

      

    
    - **UserSearchSubtree** *(boolean) --* 

      The directory search scope for the user. If set to true, scope is to search the entire subtree.

      

    
  
  :type Logs: dict
  :param Logs: 

    Enables Amazon CloudWatch logging for brokers.

    

  
    - **Audit** *(boolean) --* 

      Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers.

      

    
    - **General** *(boolean) --* 

      Enables general logging.

      

    
  
  :type MaintenanceWindowStartTime: dict
  :param MaintenanceWindowStartTime: 

    The parameters that determine the WeeklyStartTime.

    

  
    - **DayOfWeek** *(string) --* **[REQUIRED]** 

      Required. The day of the week.

      

    
    - **TimeOfDay** *(string) --* **[REQUIRED]** 

      Required. The time, in 24-hour format.

      

    
    - **TimeZone** *(string) --* 

      The time zone, UTC by default, in either the Country/City format, or the UTC offset format.

      

    
  
  :type SecurityGroups: list
  :param SecurityGroups: 

    The list of security groups (1 minimum, 5 maximum) that authorizes connections to brokers.

    

  
    - *(string) --* 

    

  :type DataReplicationMode: string
  :param DataReplicationMode: 

    Defines whether this broker is a part of a data replication pair.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'AuthenticationStrategy': 'SIMPLE'|'LDAP'|'CONFIG_MANAGED',
          'AutoMinorVersionUpgrade': True|False,
          'BrokerId': 'string',
          'Configuration': {
              'Id': 'string',
              'Revision': 123
          },
          'EngineVersion': 'string',
          'HostInstanceType': 'string',
          'LdapServerMetadata': {
              'Hosts': [
                  'string',
              ],
              'RoleBase': 'string',
              'RoleName': 'string',
              'RoleSearchMatching': 'string',
              'RoleSearchSubtree': True|False,
              'ServiceAccountUsername': 'string',
              'UserBase': 'string',
              'UserRoleName': 'string',
              'UserSearchMatching': 'string',
              'UserSearchSubtree': True|False
          },
          'Logs': {
              'Audit': True|False,
              'General': True|False
          },
          'MaintenanceWindowStartTime': {
              'DayOfWeek': 'MONDAY'|'TUESDAY'|'WEDNESDAY'|'THURSDAY'|'FRIDAY'|'SATURDAY'|'SUNDAY',
              'TimeOfDay': 'string',
              'TimeZone': 'string'
          },
          'SecurityGroups': [
              'string',
          ],
          'DataReplicationMetadata': {
              'DataReplicationCounterpart': {
                  'BrokerId': 'string',
                  'Region': 'string'
              },
              'DataReplicationRole': 'string'
          },
          'DataReplicationMode': 'NONE'|'CRDR',
          'PendingDataReplicationMetadata': {
              'DataReplicationCounterpart': {
                  'BrokerId': 'string',
                  'Region': 'string'
              },
              'DataReplicationRole': 'string'
          },
          'PendingDataReplicationMode': 'NONE'|'CRDR'
      }
      
    **Response Structure**

    

    - *(dict) --* 

      HTTP Status Code 200: OK.

      
      

      - **AuthenticationStrategy** *(string) --* 

        Optional. The authentication strategy used to secure the broker. The default is SIMPLE.

        
      

      - **AutoMinorVersionUpgrade** *(boolean) --* 

        Enables automatic upgrades to new patch versions for brokers as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window or after a manual broker reboot.

        
      

      - **BrokerId** *(string) --* 

        Required. The unique ID that Amazon MQ generates for the broker.

        
      

      - **Configuration** *(dict) --* 

        The ID of the updated configuration.

        
        

        - **Id** *(string) --* 

          Required. The unique ID that Amazon MQ generates for the configuration.

          
        

        - **Revision** *(integer) --* 

          The revision number of the configuration.

          
    
      

      - **EngineVersion** *(string) --* 

        The broker engine version to upgrade to. For more information, see the `ActiveMQ version management <https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/activemq-version-management.html>`__ and the `RabbitMQ version management <https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/rabbitmq-version-management.html>`__ sections in the Amazon MQ Developer Guide.

        
      

      - **HostInstanceType** *(string) --* 

        The broker's host instance type to upgrade to. For a list of supported instance types, see `Broker instance types <https://docs.aws.amazon.com//amazon-mq/latest/developer-guide/broker.html#broker-instance-types>`__.

        
      

      - **LdapServerMetadata** *(dict) --* 

        Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. Does not apply to RabbitMQ brokers.

        
        

        - **Hosts** *(list) --* 

          Specifies the location of the LDAP server such as Directory Service for Microsoft Active Directory. Optional failover server.

          
          

          - *(string) --* 
      
        

        - **RoleBase** *(string) --* 

          The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp, dc=example, dc=com.

          
        

        - **RoleName** *(string) --* 

          Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query.

          
        

        - **RoleSearchMatching** *(string) --* 

          The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase.

          
        

        - **RoleSearchSubtree** *(boolean) --* 

          The directory search scope for the role. If set to true, scope is to search the entire subtree.

          
        

        - **ServiceAccountUsername** *(string) --* 

          Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example, dc=com.

          
        

        - **UserBase** *(string) --* 

          Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp, dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com.

          
        

        - **UserRoleName** *(string) --* 

          Specifies the name of the LDAP attribute for the user group membership.

          
        

        - **UserSearchMatching** *(string) --* 

          The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example, dc=com.

          
        

        - **UserSearchSubtree** *(boolean) --* 

          The directory search scope for the user. If set to true, scope is to search the entire subtree.

          
    
      

      - **Logs** *(dict) --* 

        The list of information about logs to be enabled for the specified broker.

        
        

        - **Audit** *(boolean) --* 

          Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers.

          
        

        - **General** *(boolean) --* 

          Enables general logging.

          
    
      

      - **MaintenanceWindowStartTime** *(dict) --* 

        The parameters that determine the WeeklyStartTime.

        
        

        - **DayOfWeek** *(string) --* 

          Required. The day of the week.

          
        

        - **TimeOfDay** *(string) --* 

          Required. The time, in 24-hour format.

          
        

        - **TimeZone** *(string) --* 

          The time zone, UTC by default, in either the Country/City format, or the UTC offset format.

          
    
      

      - **SecurityGroups** *(list) --* 

        The list of security groups (1 minimum, 5 maximum) that authorizes connections to brokers.

        
        

        - *(string) --* 
    
      

      - **DataReplicationMetadata** *(dict) --* 

        The replication details of the data replication-enabled broker. Only returned if dataReplicationMode is set to CRDR.

        
        

        - **DataReplicationCounterpart** *(dict) --* 

          Describes the replica/primary broker. Only returned if this broker is currently set as a primary or replica in the broker's dataReplicationRole property.

          
          

          - **BrokerId** *(string) --* 

            Required. The unique broker id generated by Amazon MQ.

            
          

          - **Region** *(string) --* 

            Required. The region of the broker.

            
      
        

        - **DataReplicationRole** *(string) --* 

          Defines the role of this broker in a data replication pair. When a replica broker is promoted to primary, this role is interchanged.

          
    
      

      - **DataReplicationMode** *(string) --* 

        Describes whether this broker is a part of a data replication pair.

        
      

      - **PendingDataReplicationMetadata** *(dict) --* 

        The pending replication details of the data replication-enabled broker. Only returned if pendingDataReplicationMode is set to CRDR.

        
        

        - **DataReplicationCounterpart** *(dict) --* 

          Describes the replica/primary broker. Only returned if this broker is currently set as a primary or replica in the broker's dataReplicationRole property.

          
          

          - **BrokerId** *(string) --* 

            Required. The unique broker id generated by Amazon MQ.

            
          

          - **Region** *(string) --* 

            Required. The region of the broker.

            
      
        

        - **DataReplicationRole** *(string) --* 

          Defines the role of this broker in a data replication pair. When a replica broker is promoted to primary, this role is interchanged.

          
    
      

      - **PendingDataReplicationMode** *(string) --* 

        Describes whether this broker will be a part of a data replication pair after reboot.

        
  
  **Exceptions**
  
  *   :py:class:`MQ.Client.exceptions.NotFoundException`

  
  *   :py:class:`MQ.Client.exceptions.BadRequestException`

  
  *   :py:class:`MQ.Client.exceptions.InternalServerErrorException`

  
  *   :py:class:`MQ.Client.exceptions.ConflictException`

  
  *   :py:class:`MQ.Client.exceptions.ForbiddenException`

  