elasticsearch-domain
dod-iac/elasticsearch-domain/aws
Creates an Amazon Elasticsearch Service domain with secure defaults.
Install
README
Usage Creates an Amazon Elasticsearch Service domain with secure defaults. This module always requires node-to-node encryption, encryption at rest, HTTPS endpoints, and use of a VPC. ``hcl module "elasticsearch_domain" { source = "dod-iac/elasticsearch-domain/aws" domain_name = format("app-%s-%s", var.application, var.environment) kms_key_id = var.kms_key_id subnet_ids = slice(module.vpc.private_subnets, 0, 1) security_group_ids = [aws_security_group.elasticsearch.id] tags = { Application = var.application Environment = var.environment Automation = "Terraform" } } ` The IAM service-linked role for Amazon Elasticsearch Service is required before you can create a domain. If the role does not exist, then you can create the role with the following resource. `hcl resource "aws_iam_service_linke
Inputs (13)
| Name | Type | Description | Default |
|---|---|---|---|
| domain_name | string | Name of the domain. | |
| security_group_ids | list(string) | List of VPC Security Group IDs to be applied to the Elasticsearch domain endpoin | |
| volume_type | string | The type of EBS volumes attached to data nodes. | "gp2" |
| access_policies | string | IAM policy document specifying the access policies for the domain. | "" |
| automated_snapshot_start_hour | string | Hour during which the service takes an automated daily snapshot of the indices i | 23 |
| instance_count | number | Number of instances in the cluster. | 1 |
| kms_key_id | string | The KMS key id to encrypt the Elasticsearch domain with. If not specified then i | "" |
| instance_type | string | Instance type of data nodes in the cluster. | "r5.large.elasticsearch" |
| tls_security_policy | string | The name of the TLS security policy that needs to be applied to the HTTPS endpoi | "Policy-Min-TLS-1-2-2019-07" |
| elasticsearch_version | string | The version of Elasticsearch to deploy. | "7.7" |
| subnet_ids | list(string) | List of VPC Subnet IDs for the Elasticsearch domain endpoints to be created in. | [] |
| tags | map(string) | Tags applied to the KMS key. | {} |
| volume_size | number | The size of EBS volumes attached to data nodes (in GB). Required if ebs_enabled | 20 |
Resources (1)
Topics & Tags
Details
Similar packages
Azure landing zones Terraform module
Terraform supermodule for the Terraform platform engineering for Azure
Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Module to define a consistent naming convention by (namespace, stage,