opensearch
idealo/opensearch/aws
Terraform module to provision an OpenSearch cluster with SAML authentication.
AWS OpenSearch Terraform Module Terraform module to provision an OpenSearch cluster with SAML authentication. Prerequisites - A hosted zone to route traffic to your OpenSearch domain - An entityID and metadata XML from your SAML identity provider (in case saml_enabled = true) Features - Create an AWS OpenSearch cluster with SAML authentication - All node types with local NVMe for high IO performance are supported - Create or manage various OpenSearch resources: - Index templates - Indices - ISM policies - Roles - Role mappings Usage This example is using Azure AD as SAML identity provider. ``terraform locals { cluster_name = "opensearch" cluster_domain = "example.com" saml_entity_id = "https://sts.windows.net/XXX-XXX-XXX-XXX-XXX/" saml_metadata_url = "https://login.microsoftonline.com/XXX-
| Name | Type | Description | Default |
|---|---|---|---|
| cluster_domain | string | The hosted zone name of the OpenSearch cluster. | |
| vpc_enabled | bool | Indicates whether the cluster is running inside a VPC. | false |
| access_policies | string | IAM policy document specifying the access policies for the domain. | null |
| cluster_version | string | The version of OpenSearch to deploy. | "2.11" |
| warm_instance_count | number | The number of dedicated warm nodes in the cluster. | 3 |
| ebs_volume_size | number | The size of EBS volumes attached to data nodes (in GiB). | 10 |
| ebs_throughput | number | The throughput (in MiB/s) of the EBS volumes attached to data nodes. Valid value | 125 |
| saml_roles_key | string | Element of the SAML assertion to use for backend roles. | "http://schemas.microsoft.com/ws/2008/06 |
| index_files | set(string) | A set of all index files to create. | [] |
| advanced_options | map(string) | Key-value string pairs to specify advanced configuration options. | null |
| auto_tune_options | object({ maintenance_sched | Configuration block for auto-tune options. The maintenance schedule block is req | {
"maintenance_schedule": [],
"rollb |
| create_service_role | bool | Indicates whether to create the service-linked role. See https://docs.aws.amazon | true |
| encrypt_kms_key_id | string | The KMS key ID to encrypt the OpenSearch cluster with. If not specified, then it | "" |
| saml_session_timeout | number | Duration of a session in minutes after a user logs in. Default is 60. Maximum va | 60 |
| master_instance_type | string | The type of EC2 instances to run for each master node. A list of available insta | "r6gd.large.elasticsearch" |
| availability_zones | number | The number of availability zones for the OpenSearch cluster. Valid values: 1, 2 | 3 |
| roles | map(any) | A map of all roles to create. | {} |
| advanced_security_options_internal_user_database_enabled | bool | Whether to enable or not internal Kibana user database for ELK OpenDistro securi | false |
| encrypt_at_rest_enabled | bool | Configuration block for encrypt at rest options | true |
| ebs_enabled | bool | Indicates whether attach EBS volumes to the data nodes. | false |
| ebs_volume_type | string | The type of EBS volumes attached to data nodes. | "gp3" |
| … and 10 more inputs | |||
cluster_endpoint — The endpoint URL of the OpenSearch cluster.kibana_endpoint — The endpoint URL of the OpenSearch dashboards.cluster_name — The name of the OpenSearch cluster.cluster_version — The version of the OpenSearch cluster.Azure landing zones Terraform module
Terraform supermodule for the Terraform platform engineering for Azure
Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Module to define a consistent naming convention by (namespace, stage,