| Name | Version |
|---|---|
| terraform | >= 0.13.0 |
| aws | 5.49.0 |
| elasticsearch | >= 2.0.0 |
| Name | Version |
|---|---|
| aws | 5.49.0 |
No modules.
| Name | Type |
|---|---|
| aws_cloudwatch_log_group.cw_application | resource |
| aws_cloudwatch_log_group.cw_audit | resource |
| aws_cloudwatch_log_group.cw_index | resource |
| aws_cloudwatch_log_group.cw_search | resource |
| aws_cloudwatch_log_resource_policy.cw_resource_policy | resource |
| aws_elasticsearch_domain.opensearch | resource |
| aws_elasticsearch_domain_saml_options.opensearch_saml_options | resource |
| aws_iam_policy_document.cw_policy | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| autotune_enabled | Enable autotune options | bool |
false |
no |
| autotune_options | n/a | object({ |
{ |
no |
| availability_zones | The number of availability zones for the OpenSearch cluster. Valid values: 1, 2 or 3. | number |
3 |
no |
| cloudwatch_log_enabled | Enabled Cloudwatch. | bool |
true |
no |
| cloudwatch_log_kms_key_id | The ARN of the KMS key to use when encrypting log data. | string |
null |
no |
| cloudwatch_log_retention | Cloudwatch log retention in days. | number |
365 |
no |
| cluster_domain_name | The domain name for the OpenSearch cluster. | string |
null |
no |
| cluster_name | The name of the OpenSearch cluster. | string |
"opensearch" |
no |
| cluster_version | The version of OpenSearch to deploy. | string |
"OpenSearch_1.2" |
no |
| cognito_enabled | Enable AWS cognito for OpenSearch. | bool |
false |
no |
| cognito_identity_pool_id | ID of the Cognito identity pool to use. | string |
null |
no |
| cognito_role_arn | ARN of the IAM role that has the AmazonESCognitoAccess policy. | string |
null |
no |
| cognito_user_pool_id | ID of the Cognito user pool to use. | string |
null |
no |
| cold_enabled | Enable cold storage. | bool |
false |
no |
| custom_endpoint | FQDN of the custom endpoint | string |
null |
no |
| custom_endpoint_certificate_arn | ACM certificate ARN for your custom endpoint. | string |
null |
no |
| custom_endpoint_enabled | Enable custom endpoint. | bool |
false |
no |
| ebs_enabled | Enable EBS volumes for data nodes | bool |
false |
no |
| ebs_iops | Baseline I/O performance of EBS volumes attached to data nodes. | number |
null |
no |
| ebs_volume_size | EBS Volume size in GiB | number |
null |
no |
| ebs_volume_type | EBS volume type. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html | string |
null |
no |
| enabled | Enable OpenSearch. | bool |
true |
no |
| encrypt_at_rest | Enable encryption at rest | bool |
true |
no |
| encrypt_kms_key_id | KMS key id to encrypt OpenSearch domain with. | string |
null |
no |
| enforce_https | Enforce HTTPS domain endpoint. | string |
null |
no |
| hot_instance_count | The number of dedicated hot nodes in the cluster. | number |
3 |
no |
| hot_instance_type | The instance type for dedicated hot nodes in the cluster. | string |
"t3.small.elasticsearch" |
no |
| internal_user_database_enabled | Enable internal user database. | bool |
true |
no |
| master_instance_count | The number of dedicated master nodes in the cluster. | number |
3 |
no |
| master_instance_type | Instance type for the OpenSearch master nodes. | string |
"t3.small.elasticsearch" |
no |
| master_user_arn | ARN of the main user. | string |
null |
no |
| master_user_name | Name of the main user. | string |
null |
no |
| master_user_password | Password of the main user. | string |
null |
no |
| node_to_node_encryption | Enable node-to-node encryption. | bool |
true |
no |
| saml_options_enabled | Enable saml_options | bool |
false |
no |
| saml_options_idp_entity_id | URL of the entity id | string |
null |
no |
| saml_options_idp_metadata_content | Contents of the saml-metadata.xml file | string |
null |
no |
| saml_options_master_backend_role | (Optional) This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user. | string |
null |
no |
| saml_options_master_user_name | (Optional) This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user. | string |
null |
no |
| saml_options_roles_key | (Optional) Element of the SAML assertion to use for backend roles. Default is roles. e.g. http://schemas.microsoft.com/ws/2008/06/identity/claims/groups | string |
null |
no |
| saml_options_session_timeout_minutes | (Optional) Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440. | number |
null |
no |
| saml_options_subject_key | (Optional) Custom SAML attribute to use for user names. Default is an empty string. This will cause Elasticsearch to use the NameID element of the Subject, which is the default location for name identifiers in the SAML specification. | string |
null |
no |
| security_group_ids | List of VPC security group id's. | list(string) |
[] |
no |
| subnet_ids | The subnet id where to deploy the OpenSearch cluster. | list(string) |
[] |
no |
| tags | A mapping of tags to assign to the OpenSearch cluster. | map(string) |
{} |
no |
| tls_security_policy | Name of TLS security policy to use at HTTPS endpoint. | string |
"Policy-Min-TLS-1-2-2019-07" |
no |
| vpc_id | The VPC id where to deploy the OpenSearch cluster. | string |
null |
no |
| warm_enabled | Enable warm nodes. | bool |
false |
no |
| warm_instance_count | The number of dedicated warm nodes in the cluster. | number |
3 |
no |
| warm_instance_type | The type of EC2 instances to run for each warm node. | string |
"ultrawarm1.medium.elasticsearch" |
no |
| Name | Description |
|---|---|
| cluster_endpoint | The endpoint URL of the OpenSearch cluster. |
| cluster_name | The name of the OpenSearch cluster. |
| cluster_version | The version of the OpenSearch cluster. |
| kibana_endpoint | The endpoint URL of Kibana. |
| opensearch_domain_arn | Return ARN of the OpenSearch cluster domain. |
| opensearch_domain_id | The domain id of the OpenSearch cluster. |