forked from cloudposse/terraform-aws-elasticsearch
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvariables.tf
242 lines (202 loc) · 7.05 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
variable "namespace" {
type = string
description = "Namespace (e.g. `eg` or `cp`)"
default = ""
}
variable "stage" {
type = string
description = "Stage (e.g. `prod`, `dev`, `staging`)"
default = ""
}
variable "name" {
type = string
description = "Name of the application"
}
variable "delimiter" {
type = string
default = "-"
description = "Delimiter to be used between `namespace`, `stage`, `name` and `attributes`"
}
variable "attributes" {
type = list(string)
default = []
description = "Additional attributes (e.g. `1`)"
}
variable "tags" {
type = map(string)
default = {}
description = "Additional tags (e.g. map(`BusinessUnit`,`XYZ`)"
}
variable "enabled" {
type = bool
default = true
description = "Set to false to prevent the module from creating any resources"
}
variable "security_groups" {
type = list(string)
default = []
description = "List of security group IDs to be allowed to connect to the cluster"
}
variable "allowed_cidr_blocks" {
type = list(string)
default = []
description = "List of CIDR blocks to be allowed to connect to the cluster"
}
variable "vpc_id" {
type = string
description = "VPC ID"
}
variable "subnet_ids" {
type = list(string)
description = "Subnet IDs"
}
variable "dns_zone_id" {
type = string
default = ""
description = "Route53 DNS Zone ID to add hostname records for Elasticsearch domain and Kibana"
}
variable "elasticsearch_version" {
type = string
default = "6.5"
description = "Version of Elasticsearch to deploy"
}
variable "instance_type" {
type = string
default = "t2.small.elasticsearch"
description = "Elasticsearch instance type for data nodes in the cluster"
}
variable "instance_count" {
type = number
description = "Number of data nodes in the cluster"
default = 4
}
variable "iam_role_arns" {
type = list(string)
default = []
description = "List of IAM role ARNs to permit access to the Elasticsearch domain"
}
variable "iam_authorizing_role_arns" {
type = list(string)
default = []
description = "List of IAM role ARNs to permit to assume the Elasticsearch user role"
}
variable "iam_actions" {
type = list(string)
default = []
description = "List of actions to allow for the IAM roles, _e.g._ `es:ESHttpGet`, `es:ESHttpPut`, `es:ESHttpPost`"
}
variable "zone_awareness_enabled" {
type = bool
default = true
description = "Enable zone awareness for Elasticsearch cluster"
}
variable "availability_zone_count" {
type = number
default = 2
description = "Number of Availability Zones for the domain to use."
}
variable "ebs_volume_size" {
type = number
description = "EBS volumes for data storage in GB"
default = 0
}
variable "ebs_volume_type" {
type = string
default = "gp2"
description = "Storage type of EBS volumes"
}
variable "ebs_iops" {
type = number
default = 0
description = "The baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the Provisioned IOPS EBS volume type"
}
variable "encrypt_at_rest_enabled" {
type = bool
default = true
description = "Whether to enable encryption at rest"
}
variable "encrypt_at_rest_kms_key_id" {
type = string
default = ""
description = "The KMS key ID to encrypt the Elasticsearch domain with. If not specified, then it defaults to using the AWS/Elasticsearch service KMS key"
}
variable "log_publishing_index_enabled" {
type = bool
default = false
description = "Specifies whether log publishing option for INDEX_SLOW_LOGS is enabled or not"
}
variable "log_publishing_search_enabled" {
type = bool
default = false
description = "Specifies whether log publishing option for SEARCH_SLOW_LOGS is enabled or not"
}
variable "log_publishing_application_enabled" {
type = bool
default = false
description = "Specifies whether log publishing option for ES_APPLICATION_LOGS is enabled or not"
}
variable "log_publishing_index_cloudwatch_log_group_arn" {
type = string
default = ""
description = "ARN of the CloudWatch log group to which log for INDEX_SLOW_LOGS needs to be published"
}
variable "log_publishing_search_cloudwatch_log_group_arn" {
type = string
default = ""
description = "ARN of the CloudWatch log group to which log for SEARCH_SLOW_LOGS needs to be published"
}
variable "log_publishing_application_cloudwatch_log_group_arn" {
type = string
default = ""
description = "ARN of the CloudWatch log group to which log for ES_APPLICATION_LOGS needs to be published"
}
variable "automated_snapshot_start_hour" {
type = number
description = "Hour at which automated snapshots are taken, in UTC"
default = 0
}
variable "dedicated_master_enabled" {
type = bool
default = false
description = "Indicates whether dedicated master nodes are enabled for the cluster"
}
variable "dedicated_master_count" {
type = number
description = "Number of dedicated master nodes in the cluster"
default = 0
}
variable "dedicated_master_type" {
type = string
default = "t2.small.elasticsearch"
description = "Instance type of the dedicated master nodes in the cluster"
}
variable "advanced_options" {
type = map(string)
default = {}
description = "Key-value string pairs to specify advanced configuration options"
}
variable "kibana_subdomain_name" {
type = string
default = "kibana"
description = "The name of the subdomain for Kibana in the DNS zone (_e.g._ `kibana`, `ui`, `ui-es`, `search-ui`, `kibana.elasticsearch`)"
}
variable "create_iam_service_linked_role" {
type = bool
default = true
description = "Whether to create `AWSServiceRoleForAmazonElasticsearchService` service-linked role. Set it to `false` if you already have an ElasticSearch cluster created in the AWS account and AWSServiceRoleForAmazonElasticsearchService already exists. See https://github.com/terraform-providers/terraform-provider-aws/issues/5218 for more info"
}
variable "node_to_node_encryption_enabled" {
type = bool
default = false
description = "Whether to enable node-to-node encryption"
}
variable "existing_security_groups_for_access" {
type = list(string)
default = []
description = "List of VPC Security Group IDs to be applied to the Elasticsearch domain endpoints. If omitted, the default Security Group for the VPC will be used. When providing this with an list of values then no new security groups will be provisioned, but rather these existing ones will be used."
}
variable "custom_access_policies" {
type = string
default = ""
description = "A custom IAM policy document specifying the access policies for the ElasticSearch domain. If this is specified, then it will override the auto-generated one based on the variables iam_role_arns and iam_authorizing_role_arns."
}