Usage:

```hcl
data "aws_region" "current" {}
data "aws_caller_identity" "current" {}

module "es-cluster" {
  source = "git::https://github.com/egarbi/terraform-aws-es-cluster"

  name       = "example"
  vpc_id     = "vpc-xxxxx"
  subnet_ids = [ "subnet-one" ]
  zone_id    = "ZA863HSKDDD9"
  itype      = "m4.large.elasticsearch"

  ingress_allow_cidr_blocks = [ "10.20.0.0/16", "10.22.0.0/16" ]

  access_policies = <<CONFIG
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "es:*",
      "Principal": "*",
      "Effect": "Allow",
      "Resource": "arn:aws:es:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:domain/example/*"
    }
  ]
}
CONFIG
}
```
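
The usage above grants `es:*` to `Principal: "*"` and leaves `encryption_enabled` at its default of "false", so the security group is the only access control. The variant below is an added example, not part of the module's own documentation; the IAM role name `example-es-client` and the `aws_kms_key.es` resource are hypothetical, and it assumes the module passes `encryption_kms_key_id` through to the domain unchanged.

```hcl
# Added example (not the module's own code): same cluster, tighter settings.
data "aws_region" "current" {}
data "aws_caller_identity" "current" {}

# Hypothetical role assumed by the application that talks to the cluster.
data "aws_iam_role" "es_client" {
  name = "example-es-client"
}

# Customer-managed key for encryption at rest (hypothetical resource name).
resource "aws_kms_key" "es" {
  description         = "Encryption at rest for the example ES domain"
  enable_key_rotation = true
}

module "es-cluster" {
  source = "git::https://github.com/egarbi/terraform-aws-es-cluster"

  name       = "example"
  vpc_id     = "vpc-xxxxx"
  subnet_ids = ["subnet-one"]
  itype      = "m4.large.elasticsearch"

  # Network layer: only the CIDR block that actually hosts the clients.
  ingress_allow_cidr_blocks = ["10.20.0.0/16"]

  # Encryption at rest is off by default ("false"); enable it explicitly.
  encryption_enabled    = "true"
  encryption_kms_key_id = aws_kms_key.es.arn # assumption: passed through as-is

  # IAM layer: one named principal and the HTTP verbs it needs,
  # instead of "Principal": "*" with "es:*".
  access_policies = <<CONFIG
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "AWS": "${data.aws_iam_role.es_client.arn}" },
      "Action": ["es:ESHttpGet", "es:ESHttpPost", "es:ESHttpPut"],
      "Resource": "arn:aws:es:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:domain/example/*"
    }
  ]
}
CONFIG
}
```

With an IAM principal in the policy, clients must sign their requests with SigV4 using that role's credentials; unsigned requests are rejected even from inside the allowed CIDR block.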
Note On Multi-AZ Support:
AWS supports up to 3 AZs for a multi-AZ configuration. If you operate in more than 3 AZs and choose to deploy master nodes, only 3 AZs will be supported, and any more than that may result in Terraform returning AWS API errors.
For more information see here
Name | Description | Type | Default | Required |
---|---|---|---|---|
access_policies | IAM policy document specifying the access policies for the domain. | string | "" | no |
create_iam_service_linked_role | Control the creation of the default service role, set it to false if you have already created it. | bool | true | no |
dedicated_master | Indicates whether our cluster has dedicated master nodes enabled. | string | "false" | no |
elasticsearch_version | Elastic Search Service cluster version number. | string | "5.5" | no |
encryption_enabled | Enable encryption in Elastic Search. | string | "false" | no |
encryption_kms_key_id | Enable encryption in Elastic Search. | string | "" | no |
icount | Elastic Search Service cluster EC2 instance number. | string | "1" | no |
indices_fielddata_cache_size | Percentage of Java heap space allocated to field data. | string | "" | no |
indices_query_bool_max_clause_count | Maximum number of clauses allowed in a Lucene boolean query. | string | "1024" | no |
ingress_allow_cidr_blocks | Specifies the ingress CIDR blocks allowed. | list | <list> | no |
ingress_allow_security_groups | Specifies the ingress security groups allowed. | list | <list> | no |
itype | Elastic Search Service cluster EC2 instance type. | string | "m4.large.elasticsearch" | no |
mcount | Elastic Search Service cluster dedicated master EC2 instance number. | string | "0" | no |
mtype | Elastic Search Service cluster dedicated master EC2 instance type. | string | "" | no |
name | Elastic Search Service cluster name. | string | n/a | yes |
rest_action_multi_allow_explicit_index | Specifies whether explicit references to indices are allowed inside the body of HTTP requests. | string | "true" | no |
snapshot_start | Elastic Search Service maintenance/snapshot start time. | string | "0" | no |
subnet_ids | List of VPC subnet IDs where the Elastic Search Service endpoints will be created. | list | n/a | yes |
volume_size | Default size of the EBS volumes. | string | "35" | no |
volume_type | Default type of the EBS volumes. | string | "gp2" | no |
vpc_id | VPC ID where the Elastic Search Service cluster will be launched. | string | n/a | yes |
zone_awareness | Indicates whether zone awareness is enabled. | string | "false" | no |
zone_id | Route 53 zone ID where the DNS record will be created. | string | "" | no |
Name | Description |
---|---|
es_arn | Amazon Resource Name (ARN) of the domain |
es_availability_zones_ids | If the domain was created inside a VPC, the names of the availability zones the configured subnet_ids were created inside. |
es_domain_id | Unique identifier for the domain. |
es_endpoint | Domain-specific endpoint used to submit index, search, and data upload requests. |
es_kibana_endpoint | Domain-specific endpoint for Kibana without https scheme. |
es_sg | The security group ID created to allow communication with the Elasticsearch cluster. |
es_vpc_ids | The VPC ID if the domain was created inside a VPC. |