Broker
A broker is a message broker environment running on Amazon MQ. It is the basic building block of Amazon MQ. For more information about the different components of an Amazon MQ broker, see How Amazon MQ works in the Amazon MQ Developer Guide.
URI
/v1/brokers/broker-id
HTTP methods
GET
Operation ID: DescribeBroker
Returns information about the specified broker.
| Name | Type | Required | Description | 
|---|---|---|---|
| broker-id | String | True | The unique ID that Amazon MQ generates for the broker. | 
| Status code | Response model | Description | 
|---|---|---|
| 200 | 
            
         DescribeBrokerOutput | HTTP Status Code 200: OK. | 
| 400 | Error | HTTP Status Code 400: Bad request due to incorrect input. Correct your request and then retry it. | 
| 403 | Error | HTTP Status Code 403: Access forbidden. Correct your credentials and then retry your request. | 
| 404 | Error | HTTP Status Code 404: Resource not found due to incorrect input. Correct your request and then retry it. | 
| 500 | Error | HTTP Status Code 500: Unexpected internal server error. Retrying your request might resolve the issue. | 
PUT
Operation ID: UpdateBroker
Adds a pending configuration change to a broker.
| Name | Type | Required | Description | 
|---|---|---|---|
| broker-id | String | True | The unique ID that Amazon MQ generates for the broker. | 
| Status code | Response model | Description | 
|---|---|---|
| 200 | 
            
         UpdateBrokerOutput | HTTP Status Code 200: OK. | 
| 400 | Error | HTTP Status Code 400: Bad request due to incorrect input. Correct your request and then retry it. | 
| 403 | Error | HTTP Status Code 403: Access forbidden. Correct your credentials and then retry your request. | 
| 404 | Error | HTTP Status Code 404: Resource not found due to incorrect input. Correct your request and then retry it. | 
| 409 | Error | HTTP Status Code 409: Configuration ID is already in use. Remove the configuration from all brokers and retry the request. | 
| 500 | Error | HTTP Status Code 500: Unexpected internal server error. Retrying your request might resolve the issue. | 
DELETE
Operation ID: DeleteBroker
Deletes a broker. Note: This API is asynchronous.
| Name | Type | Required | Description | 
|---|---|---|---|
| broker-id | String | True | The unique ID that Amazon MQ generates for the broker. | 
| Status code | Response model | Description | 
|---|---|---|
| 200 | 
            
         DeleteBrokerOutput | HTTP Status Code 200: OK. | 
| 400 | Error | HTTP Status Code 400: Bad request due to incorrect input. Correct your request and then retry it. | 
| 403 | Error | HTTP Status Code 403: Access forbidden. Correct your credentials and then retry your request. | 
| 404 | Error | HTTP Status Code 404: Resource not found due to incorrect input. Correct your request and then retry it. | 
| 500 | Error | HTTP Status Code 500: Unexpected internal server error. Retrying your request might resolve the issue. | 
OPTIONS
| Name | Type | Required | Description | 
|---|---|---|---|
| broker-id | String | True | The unique ID that Amazon MQ generates for the broker. | 
| Status code | Response model | Description | 
|---|---|---|
| 200 | None | Default response for CORS method | 
Schemas
Request bodies
{ "dataReplicationMode": enum, "engineVersion": "string", "maintenanceWindowStartTime": { "dayOfWeek": enum, "timeZone": "string", "timeOfDay": "string" }, "configuration": { "id": "string", "revision": integer }, "storageConfiguration": { "efs": { "throughputMode": enum } }, "authenticationStrategy": enum, "securityGroups": [ "string" ], "ldapServerMetadata": { "roleSearchMatching": "string", "serviceAccountPassword": "string", "roleBase": "string", "hosts": [ "string" ], "roleName": "string", "userBase": "string", "roleSearchSubtree": boolean, "serviceAccountUsername": "string", "userRoleName": "string", "userSearchMatching": "string", "userSearchSubtree": boolean }, "logs": { "general": boolean, "audit": boolean }, "hostInstanceType": "string", "autoMinorVersionUpgrade": boolean }
Response bodies
{ "pendingEngineVersion": "string", "pendingAuthenticationStrategy": enum, "pendingSecurityGroups": [ "string" ], "configurations": { "current": { "id": "string", "revision": integer }, "pending": { "id": "string", "revision": integer }, "history": [ { "id": "string", "revision": integer } ] }, "brokerState": enum, "pendingDataReplicationMode": enum, "engineType": enum, "brokerInstances": [ { "endpoints": [ "string" ], "consoleURL": "string", "ipAddress": "string" } ], "hostInstanceType": "string", "dataReplicationMode": enum, "storageConfiguration": { "efs": { "throughputMode": enum } }, "publiclyAccessible": boolean, "logs": { "generalLogGroup": "string", "general": boolean, "audit": boolean, "pending": { "general": boolean, "audit": boolean }, "auditLogGroup": "string" }, "ldapServerMetadata": { "roleSearchMatching": "string", "roleBase": "string", "hosts": [ "string" ], "roleName": "string", "userBase": "string", "roleSearchSubtree": boolean, "serviceAccountUsername": "string", "userRoleName": "string", "userSearchMatching": "string", "userSearchSubtree": boolean }, "subnetIds": [ "string" ], "pendingHostInstanceType": "string", "engineVersion": "string", "brokerArn": "string", "brokerId": "string", "deploymentMode": enum, "maintenanceWindowStartTime": { "dayOfWeek": enum, "timeZone": "string", "timeOfDay": "string" }, "created": "string", "authenticationStrategy": enum, "users": [ { "pendingChange": enum, "username": "string" } ], "pendingStorageConfiguration": { "efs": { "throughputMode": enum } }, "tags": { }, "dataReplicationMetadata": { "dataReplicationCounterpart": { "brokerId": "string", "region": "string" }, "dataReplicationRole": "string" }, "pendingLdapServerMetadata": { "roleSearchMatching": "string", "roleBase": "string", "hosts": [ "string" ], "roleName": "string", "userBase": "string", "roleSearchSubtree": boolean, "serviceAccountUsername": "string", "userRoleName": "string", "userSearchMatching": "string", "userSearchSubtree": boolean }, "encryptionOptions": { "useAwsOwnedKey": boolean, "kmsKeyId": "string" }, "pendingDataReplicationMetadata": { "dataReplicationCounterpart": { "brokerId": "string", "region": "string" }, "dataReplicationRole": "string" }, "storageType": enum, "actionsRequired": [ { "actionRequiredCode": "string", "actionRequiredInfo": "string" } ], "securityGroups": [ "string" ], "brokerName": "string", "autoMinorVersionUpgrade": boolean }
{ "engineVersion": "string", "brokerId": "string", "maintenanceWindowStartTime": { "dayOfWeek": enum, "timeZone": "string", "timeOfDay": "string" }, "configuration": { "id": "string", "revision": integer }, "authenticationStrategy": enum, "pendingDataReplicationMode": enum, "hostInstanceType": "string", "pendingStorageConfiguration": { "efs": { "throughputMode": enum } }, "dataReplicationMode": enum, "dataReplicationMetadata": { "dataReplicationCounterpart": { "brokerId": "string", "region": "string" }, "dataReplicationRole": "string" }, "pendingDataReplicationMetadata": { "dataReplicationCounterpart": { "brokerId": "string", "region": "string" }, "dataReplicationRole": "string" }, "securityGroups": [ "string" ], "logs": { "general": boolean, "audit": boolean }, "ldapServerMetadata": { "roleSearchMatching": "string", "roleBase": "string", "hosts": [ "string" ], "roleName": "string", "userBase": "string", "roleSearchSubtree": boolean, "serviceAccountUsername": "string", "userRoleName": "string", "userSearchMatching": "string", "userSearchSubtree": boolean }, "autoMinorVersionUpgrade": boolean }
{ "brokerId": "string" }
{ "errorAttribute": "string", "message": "string" }
Properties
ActionRequired
Action required for a broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| actionRequiredCode | string | False | The code you can use to find instructions on the action required to resolve your broker issue. | 
| actionRequiredInfo | string | False | Information about the action required to resolve your broker issue. | 
AuthenticationStrategy
Optional. The authentication strategy used to secure the broker. The
               default is SIMPLE.
- SIMPLE
- LDAP
- CONFIG_MANAGED
BrokerInstance
Returns information about all brokers.
| Property | Type | Required | Description | 
|---|---|---|---|
| consoleURL | string | False | The brokers web console URL. | 
| endpoints | Array of type string | False | The broker's wire-level protocol endpoints. | 
| ipAddress | string | False | The IP address of the Elastic Network Interface (ENI) attached to the broker. Does not apply to RabbitMQ brokers. | 
BrokerState
The broker's status.
- CREATION_IN_PROGRESS
- CREATION_FAILED
- DELETION_IN_PROGRESS
- RUNNING
- REBOOT_IN_PROGRESS
- CRITICAL_ACTION_REQUIRED
- REPLICA
BrokerStorageConfiguration
The storage configurations of a broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| efs | False | 
BrokerStorageType
The broker's storage type.
Important
                  EFS is not supported for RabbitMQ engine type.
- EBS
- EFS
ChangeType
The type of change pending for the ActiveMQ user.
- CREATE
- UPDATE
- DELETE
ConfigurationId
A list of information about the configuration.
| Property | Type | Required | Description | 
|---|---|---|---|
| id | string | True | Required. The unique ID that Amazon MQ generates for the configuration. | 
| revision | integer | False | The revision number of the configuration. | 
Configurations
Broker configuration information
| Property | Type | Required | Description | 
|---|---|---|---|
| current | False | The broker's current configuration. | |
| history | Array of type ConfigurationId | False | The history of configurations applied to the broker. | 
| pending | False | The broker's pending configuration. | 
DataReplicationCounterpart
Specifies a broker in a data replication pair.
| Property | Type | Required | Description | 
|---|---|---|---|
| brokerId | string | True | Required. The unique broker id generated by Amazon MQ. | 
| region | string | True | Required. The region of the broker. | 
DataReplicationMetadataOutput
The replication details of the data replication-enabled broker. Only returned if dataReplicationMode or pendingDataReplicationMode is set to CRDR.
| Property | Type | Required | Description | 
|---|---|---|---|
| dataReplicationCounterpart | False | Describes the replica/primary broker. Only returned if this broker is currently set as a primary or replica in the broker's dataReplicationRole property. | |
| dataReplicationRole | string | True | Defines the role of this broker in a data replication pair. When a replica broker is promoted to primary, this role is interchanged. | 
DataReplicationMode
Specifies whether a broker is a part of a data replication pair.
- NONE
- CRDR
DeleteBrokerOutput
Returns information about the deleted broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| brokerId | string | False | The unique ID that Amazon MQ generates for the broker. | 
DeploymentMode
The broker's deployment mode.
- SINGLE_INSTANCE
- ACTIVE_STANDBY_MULTI_AZ
- CLUSTER_MULTI_AZ
DescribeBrokerOutput
Returns information about the specified broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| actionsRequired | Array of type ActionRequired | False | Actions required for a broker. | 
| authenticationStrategy | False | The authentication strategy used to secure the broker. The default is
                   | |
| autoMinorVersionUpgrade | boolean | True | Enables automatic upgrades to new patch versions for brokers as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window or after a manual broker reboot. | 
| brokerArn | string | False | The broker's Amazon Resource Name (ARN). | 
| brokerId | string | False | The unique ID that Amazon MQ generates for the broker. | 
| brokerInstances | Array of type BrokerInstance | False | A list of information about allocated brokers. | 
| brokerName | string | False | The broker's name. This value must be unique in your AWS account account, 1-50 characters long, must contain only letters, numbers, dashes, and underscores, and must not contain white spaces, brackets, wildcard characters, or special characters. | 
| brokerState | False | The broker's status. | |
| configurations | False | The list of all revisions for the specified configuration. | |
| created | string Format: date-time | False | The time when the broker was created. | 
| dataReplicationMetadata | False | The replication details of the data replication-enabled broker. Only returned if dataReplicationMode is set to CRDR. | |
| dataReplicationMode | False | Describes whether this broker is a part of a data replication pair. | |
| deploymentMode | True | The broker's deployment mode. | |
| encryptionOptions | False | Encryption options for the broker. | |
| engineType | True | The type of broker engine. Currently, Amazon MQ supports  | |
| engineVersion | string | False | The broker engine version. For more information, see the ActiveMQ version management and the RabbitMQ version management sections in the Amazon MQ Developer Guide. | 
| hostInstanceType | string | False | The broker's instance type. | 
| ldapServerMetadata | False | The metadata of the LDAP server used to authenticate and authorize connections to the broker. | |
| logs | False | The list of information about logs currently enabled and pending to be deployed for the specified broker. | |
| maintenanceWindowStartTime | False | The parameters that determine the WeeklyStartTime. | |
| pendingAuthenticationStrategy | False | The authentication strategy that will be applied when the broker is
               rebooted. The default is  | |
| pendingDataReplicationMetadata | False | The pending replication details of the data replication-enabled broker. Only returned if pendingDataReplicationMode is set to CRDR. | |
| pendingDataReplicationMode | False | Describes whether this broker will be a part of a data replication pair after reboot. | |
| pendingEngineVersion | string | False | The broker engine version to upgrade to. For more information, see the ActiveMQ version management and the RabbitMQ version management sections in the Amazon MQ Developer Guide. | 
| pendingHostInstanceType | string | False | The broker's host instance type to upgrade to. For a list of supported instance types, see Broker instance types. | 
| pendingLdapServerMetadata | False | The metadata of the LDAP server that will be used to authenticate and authorize connections to the broker after it is rebooted. | |
| pendingSecurityGroups | Array of type string | False | The list of pending security groups to authorize connections to brokers. | 
| pendingStorageConfiguration | False | The pending broker's storage configuration. | |
| publiclyAccessible | boolean | True | Enables connections from applications outside of the VPC that hosts the broker's subnets. | 
| securityGroups | Array of type string | False | The list of rules (1 minimum, 125 maximum) that authorize connections to brokers. | 
| storageConfiguration | False | The broker's storage configuration. | |
| storageType | False | The broker's storage type. | |
| subnetIds | Array of type string | False | The list of groups that define which subnets and IP ranges the broker can use from different Availability Zones. | 
| tags | object | False | The list of all tags associated with this broker. | 
| users | Array of type UserSummary | False | The list of all broker usernames for the specified broker. | 
EfsBrokerStorageConfiguration
The storage configuration of an EFS broker storage
| Property | Type | Required | Description | 
|---|---|---|---|
| throughputMode | string Values:  | False | Throughput mode of EFS broker storage | 
EncryptionOptions
Encryption options for the broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| kmsKeyId | string | False | The customer master key (CMK) to use for the A AWS KMS (KMS). This key is used to encrypt your data at rest. If not provided, Amazon MQ will use a default CMK to encrypt your data. | 
| useAwsOwnedKey | boolean | True | Enables the use of an AWS owned CMK using AWS KMS (KMS). Set to  | 
EngineType
The type of broker engine. Amazon MQ supports ActiveMQ and RabbitMQ.
- ACTIVEMQ
- RABBITMQ
Error
Returns information about an error.
| Property | Type | Required | Description | 
|---|---|---|---|
| errorAttribute | string | False | The attribute which caused the error. | 
| message | string | False | The explanation of the error. | 
LdapServerMetadataInput
Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker.
Important
Does not apply to RabbitMQ brokers.
| Property | Type | Required | Description | 
|---|---|---|---|
| hosts | Array of type string | True | Specifies the location of the LDAP server such as AWS Directory Service for Microsoft Active Directory. Optional failover server. | 
| roleBase | string | True | The distinguished name of the node in the directory information tree (DIT) to
               search for roles or groups. For example,  | 
| roleName | string | False | Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query. | 
| roleSearchMatching | string | True | The LDAP search filter used to find roles within the  | 
| roleSearchSubtree | boolean | False | The directory search scope for the role. If set to true, scope is to search the entire subtree. | 
| serviceAccountPassword | string | True | Service account password. A service account is an account in your LDAP server that
               has access to initiate a connection. For example,  | 
| serviceAccountUsername | string | True | Service account username. A service account is an account in your LDAP server that
               has access to initiate a connection. For example,  | 
| userBase | string | True | Select a particular subtree of the directory information tree (DIT) to search for
               user entries. The subtree is specified by a DN, which specifies the base node of the
               subtree. For example, by setting this option to  | 
| userRoleName | string | False | Specifies the name of the LDAP attribute for the user group membership. | 
| userSearchMatching | string | True | The LDAP search filter used to find users within the  | 
| userSearchSubtree | boolean | False | The directory search scope for the user. If set to true, scope is to search the entire subtree. | 
LdapServerMetadataOutput
Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| hosts | Array of type string | True | Specifies the location of the LDAP server such as AWS Directory Service for Microsoft Active Directory. Optional failover server. | 
| roleBase | string | True | The distinguished name of the node in the directory information tree (DIT) to
               search for roles or groups. For example,  | 
| roleName | string | False | Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query. | 
| roleSearchMatching | string | True | The LDAP search filter used to find roles within the  | 
| roleSearchSubtree | boolean | False | The directory search scope for the role. If set to true, scope is to search the entire subtree. | 
| serviceAccountUsername | string | True | Service account username. A service account is an account in your LDAP server that
               has access to initiate a connection. For example,  | 
| userBase | string | True | Select a particular subtree of the directory information tree (DIT) to search for
               user entries. The subtree is specified by a DN, which specifies the base node of the
               subtree. For example, by setting this option to  | 
| userRoleName | string | False | Specifies the name of the LDAP attribute for the user group membership. | 
| userSearchMatching | string | True | The LDAP search filter used to find users within the  | 
| userSearchSubtree | boolean | False | The directory search scope for the user. If set to true, scope is to search the entire subtree. | 
Logs
The list of information about logs to be enabled for the specified broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| audit | boolean | False | Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers. | 
| general | boolean | False | Enables general logging. | 
LogsSummary
The list of information about logs currently enabled and pending to be deployed for the specified broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| audit | boolean | False | Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. | 
| auditLogGroup | string | False | The location of the CloudWatch Logs log group where audit logs are sent. | 
| general | boolean | True | Enables general logging. | 
| generalLogGroup | string | True | The location of the CloudWatch Logs log group where general logs are sent. | 
| pending | False | The list of information about logs pending to be deployed for the specified broker. | 
PendingLogs
The list of information about logs to be enabled for the specified broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| audit | boolean | False | Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. | 
| general | boolean | False | Enables general logging. | 
UpdateBrokerInput
Updates the broker using the specified properties.
| Property | Type | Required | Description | 
|---|---|---|---|
| authenticationStrategy | False | Optional. The authentication strategy used to secure the broker. The
               default is  | |
| autoMinorVersionUpgrade | boolean | False | Enables automatic upgrades to new patch versions for brokers as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window or after a manual broker reboot. NoteMust be set to  | 
| configuration | False | A list of information about the configuration. | |
| dataReplicationMode | False | Defines whether this broker is a part of a data replication pair. | |
| engineVersion | string | False | The broker engine version. For more information, see the ActiveMQ version management and the RabbitMQ version management sections in the Amazon MQ Developer Guide. NoteWhen upgrading to ActiveMQ version 5.18 and above or RabbitMQ version 3.13 and above,
             you must have  | 
| hostInstanceType | string | False | The broker's host instance type to upgrade to. For a list of supported instance types, see Broker instance types. | 
| ldapServerMetadata | False | Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. Does not apply to RabbitMQ brokers. | |
| logs | False | Enables Amazon CloudWatch logging for brokers. | |
| maintenanceWindowStartTime | False | The parameters that determine the WeeklyStartTime. | |
| securityGroups | Array of type string | False | The list of security groups (1 minimum, 5 maximum) that authorizes connections to brokers. | 
| storageConfiguration | False | The broker's storage configuration. | 
UpdateBrokerOutput
Returns information about the updated broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| authenticationStrategy | False | Optional. The authentication strategy used to secure the broker. The
               default is  | |
| autoMinorVersionUpgrade | boolean | False | Enables automatic upgrades to new patch versions for brokers as new versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window or after a manual broker reboot. | 
| brokerId | string | True | Required. The unique ID that Amazon MQ generates for the broker. | 
| configuration | False | The ID of the updated configuration. | |
| dataReplicationMetadata | False | The replication details of the data replication-enabled broker. Only returned if dataReplicationMode is set to CRDR. | |
| dataReplicationMode | False | Describes whether this broker is a part of a data replication pair. | |
| engineVersion | string | False | The broker engine version to upgrade to. For more information, see the ActiveMQ version management and the RabbitMQ version management sections in the Amazon MQ Developer Guide. | 
| hostInstanceType | string | False | The broker's host instance type to upgrade to. For a list of supported instance types, see Broker instance types. | 
| ldapServerMetadata | False | Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. Does not apply to RabbitMQ brokers. | |
| logs | False | The list of information about logs to be enabled for the specified broker. | |
| maintenanceWindowStartTime | False | The parameters that determine the WeeklyStartTime. | |
| pendingDataReplicationMetadata | False | The pending replication details of the data replication-enabled broker. Only returned if pendingDataReplicationMode is set to CRDR. | |
| pendingDataReplicationMode | False | Describes whether this broker will be a part of a data replication pair after reboot. | |
| pendingStorageConfiguration | False | The pending broker's storage configuration. | |
| securityGroups | Array of type string | False | The list of security groups (1 minimum, 5 maximum) that authorizes connections to brokers. | 
UserSummary
Returns a list of all broker users. Does not apply to RabbitMQ brokers.
| Property | Type | Required | Description | 
|---|---|---|---|
| pendingChange | False | The type of change pending for the broker user. | |
| username | string | True | Required. The username of the broker user. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long. | 
WeeklyStartTime
The scheduled time period relative to UTC during which Amazon MQ begins to apply pending updates or patches to the broker.
| Property | Type | Required | Description | 
|---|---|---|---|
| dayOfWeek | string Values:  | True | Required. The day of the week. | 
| timeOfDay | string | True | Required. The time, in 24-hour format. | 
| timeZone | string | False | The time zone, UTC by default, in either the Country/City format, or the UTC offset format. | 
See also
For more information about using this API in one of the language-specific AWS SDKs and references, see the following: