Terraform module for deploying and managing Amazon Elasticsearch Service.
This module creates an Elasticsearch domain and applies an access policy which permits unlimited access based on the intersection of the following two criteria:
- source IP address
- client IAM role
See this Stack Overflow post for further discussion of access policies for Elasticsearch.
Several options affect the resilience and scalability of your Elasticsearch domain. For a production deployment, set instance_count to an even number greater than or equal to 10 (the default is 6), choose an instance_type that is not in the T2 family, and set es_zone_awareness to true. This will result in a cluster with three dedicated master nodes, balanced across two availability zones.
For a production deployment it may also make sense to use EBS volumes rather that instance storage; to do so, set ebs_volume_size greater than 0 and optionally specify a value for ebs_volume_type (right now the only supported values are gp2 and magnetic).
None (but domain_name and management_public_ip_addresses are strongly recommended).
domain_name- unique identifier for the domain. The module will prefix it withtf-. e.g.domain_name = foowill result in a domain calledtf-foo.es_version- Elasticsearch version.instance_type- Elasticsearch instance type to use for data nodes (and dedicated master nodes unless otherwise specified).instance_count- Number of instances in the cluster.dedicated_master_type- Elasticsearch instance type to use for dedicated master nodes.management_iam_roles- List of ARNs of IAM roles to be granted full access to the domain.management_public_ip_addresses- List of IP addresses or CIDR blocks from which to permit full access to the domain. Remember that for hosts inside a VPC, you'll want to specify the Elastic IP(s) of any relevant NAT Gateway(s).es_zone_awareness- Enable or disable zone awareness (balancing instances across multiple availability zones). Note that setting this parameter totrueand then requesting an odd number of nodes will result in an invalid cluster configuration.ebs_volume_size- Size in GB of EBS volume to attach to each node and use for data storage. If this parameter is set to 0 (the default), nodes will use instance storage.ebs_volume_type- Storage class for EBS volumes. Just usegp2.snapshot_start_hour- Hour of the day (in UTC) at which to begin daily snapshots.
module "es" {
source = "github.com/terraform-community-modules/tf_aws_elasticsearch?ref=0.0.1"
domain_name = "my-elasticsearch-domain"
management_public_ip_addresses = ["34.203.XXX.YYY"]
instance_count = 16
instance_type = "m4.2xlarge.elasticsearch"
dedicated_master_type = "m4.large.elasticsearch"
es_zone_awareness = true
ebs_volume_size = 100
...
}
arn- ARN of the created Elasticsearch domain.domain_id- Unique identifier for the domain.endpoint- Domain-specific endpoint used to submit index, search, and data upload requests. Kibana is available athttps://${endpoint}/_plugin/kibana/.
0.0.2 - Bugfix (#1) which prevented module from executing correctly with variable defaults.
0.0.1 - Initial release.
This software is released under the MIT License (see LICENSE.md).