terraform module for AWS Elasticsearch Service

Examples

Check the examples folder

Requirements

Name	Version
terraform	>= 0.12.7, < 0.14
aws	>= 2.68, < 4.0

Providers

Name	Version
aws	>= 2.68, < 4.0

Inputs

Name	Description	Type	Default	Required
access_policies	(Optional) IAM policy document specifying the access policies for the domain	string	null	no
advanced_options	(Optional) Key-value string pairs to specify advanced configuration options. Note that the values for these configuration options must be strings (wrapped in quotes) or they may be wrong and cause a perpetual diff, causing Terraform to want to recreate your Elasticsearch domain on every apply.	map(string)	{}	no
advanced_security_options	(Optional) Options for fine-grained access control.	map	{}	no
cloudwatch_log_group_arn	(Optional) ARN of the Cloudwatch log group to which log needs to be published.	string	""	no
cloudwatch_log_kms_key_id	(Optional) The ARN of the KMS Key to use when encrypting log data. Please note, after the AWS KMS CMK is disassociated from the log group, AWS CloudWatch Logs stops encrypting newly ingested data for the log group.	string	null	no
cloudwatch_log_retention_in_days	(Optional) Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653, and 0. If you select 0, the events in the log group are always retained and never expire.	number	0	no
cluster_config	(Optional) Cluster configuration of the domain	map	{ "dedicated_master_count": 3, "dedicated_master_enabled": true, "dedicated_master_type": "r5.large.elasticsearch", "instance_count": 3, "instance_type": "r5.large.elasticsearch", "zone_awareness_enabled": false }	no
cognito_options	(Optional) Options for Amazon Cognito Authentication for Kibana	map	{ "enabled": false }	no
create	Do you want to create ES Cluster	bool	true	no
create_service_link_role	Create service link role for AWS Elasticsearch Service	bool	true	no
domain_endpoint_options	(Optional) Domain endpoint HTTP(S) related options.	any	{ "enforce_https": true, "tls_security_policy": "Policy-Min-TLS-1-2-2019-07" }	no
domain_name	(Required) Name of the domain.	string	n/a	yes
ebs_options	(Optional) EBS related options, may be required based on chosen instance size.	map	{ "ebs_enabled": true, "volume_size": 20, "volume_type": "gp2" }	no
elasticsearch_version	(Optional) The version of Elasticsearch to deploy. Defaults to 1.5	string	"1.5"	no
encrypt_at_rest	Optional) Encrypt at rest options. Only available for certain instance types.	map	{ "enabled": true }	no
log_publishing_options	(Optional) Options for publishing slow and application logs to CloudWatch Logs. This block can be declared multiple times, for each log_type, within the same resource.	any	[ { "log_type": "AUDIT_LOGS" }, { "log_type": "INDEX_SLOW_LOGS" }, { "log_type": "SEARCH_SLOW_LOGS" }, { "log_type": "ES_APPLICATION_LOGS" } ]	no
node_to_node_encryption	(Optional) Node-to-node encryption options.	map	{ "enabled": false }	no
snapshot_options	(Optional) Snapshot related options	map	{}	no
tags	(Optional) A map of tags to assign to the resource	map	{}	no
timeouts	Timeouts map.	map	{}	no
vpc_options	(Optional) VPC related options, Adding or removing this configuration forces a new resource	map	{}	no

Outputs

Name	Description
arn	Amazon Resource Name (ARN) of the domain
domain_id	Unique identifier for the domain
endpoint	Domain-specific endpoint used to submit index, search, and data upload requests
kibana_endpoint	Domain-specific endpoint for kibana without https scheme

License

Apache 2 Licensed. See LICENSE for full details.