| create |
Controls if resources should be created (affects nearly all resources) |
bool |
true |
no |
| tags |
A map of tags to add to all resources |
map(string) |
{} |
no |
| domain_name |
Name of the Elasticsearch domain |
string |
n/a |
yes |
| elasticsearch_version |
Version of Elasticsearch to deploy |
string |
7.10 |
no |
| advanced_options |
Key-value string pairs to specify advanced configuration options |
map(string) |
{} |
no |
| advanced_security_options_enabled |
Whether advanced security is enabled |
bool |
false |
no |
| advanced_security_options_internal_user_database_enabled |
Whether the internal user database is enabled |
bool |
false |
no |
| advanced_security_options_\master_user_arn |
ARN for the main user. If not specified, then it defaults to using the IAM user that is making the request |
string |
"" |
no |
| advanced_security_options_master_\user_name |
Main user's username, which is stored in the Amazon Elasticsearch Service domain's internal database. Applicable if advanced_security_options_internal_user_database_enabled set to true |
string |
"" |
no |
| advanced_security_options_master_user_password |
Main user's password, which is stored in the Amazon Elasticsearch Service domain's internal database. Applicable if advanced_security_options_internal_user_database_enabled set to true |
string |
"" |
no |
| auto_tune_options_enabled |
Whether auto tune options are enabled |
bool |
false |
no |
| auto_tune_options_rollback_on_disable |
Whether to roll back to default Auto-Tune settings when disabling Auto-Tune |
string |
NO_ROLLBACK |
no |
| auto_tune_options_maintenance_schedule_cron_expression |
A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule |
string |
"" |
no |
| auto_tune_options_maintenance_schedule_start_at |
Date and time at which to start the Auto-Tune maintenance schedule in RFC3339 format |
string |
"" |
no |
| auto_tune_options_maintenance_schedule_duration_value |
An integer specifying the value of the duration of an Auto-Tune maintenance window |
number |
0 |
no |
| cluster_config |
Cluster configuration |
object({
cold_storage_options_enabled = optional(bool, false)
dedicated_master_enabled = optional(bool, true)
dedicated_master_count = optional(number, 3)
dedicated_master_type = optional(string, "m6g.large.elasticsearch")
instance_count = optional(number, 3)
instance_type = optional(string, "r6g.large.elasticsearch")
warm_enabled = optional(bool, false)
warm_count = optional(number, 2)
warm_type = optional(string, "ultrawarm1.medium.elasticsearch")
availability_zones = optional(number, 3)
}) |
{} |
no |
| cognito_options_enabled |
Whether Amazon Cognito authentication with Kibana is enabled or not |
bool |
false |
no |
| cognito_options |
Configuration block for authenticating Kibana with Cognito |
object({
identity_pool_id = string
role_arn = string
user_pool_id = string
}) |
{
"identity_pool_id": "",
"role_arn": "",
"user_pool_id": ""
} |
no |
| domain_endpoint_enforce_https |
Whether or not to require HTTPS |
bool |
true |
no |
| domain_endpoint_tls_security_policy |
Name of the TLS security policy that needs to be applied to the HTTPS endpoint. Valid values: Policy-Min-TLS-1-0-2019-07 and Policy-Min-TLS-1-2-2019-07 |
string |
"Policy-Min-TLS-1-2-2019-07" |
no |
| domain_endpoint_custom_endpoint_enabled |
Whether to enable custom endpoint for the Elasticsearch domain |
bool |
false |
no |
| domain_endpoint_custom_endpoint |
Fully qualified domain for your custom endpoint |
string |
"" |
no |
| domain_endpoint_custom_endpoint_certificate_arn |
ACM certificate ARN for your custom endpoint |
string |
"" |
no |
| ebs_enabled |
Whether EBS volumes are attached to data nodes in the domain |
bool |
false |
no |
| ebs_iops |
Baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the GP3 and Provisioned IOPS EBS volume types |
number |
3000 |
no |
| ebs_throughput |
(Required if volume_type is set to gp3) Specifies the throughput (in MiB/s) of the EBS volumes attached to data nodes. Applicable only for the gp3 volume type |
number |
125 |
no |
| ebs_volume_size |
(Required if ebs_enabled is set to true.) Size of EBS volumes attached to data nodes (in GiB) |
number |
10 |
no |
| ebs_volume_type |
Type of EBS volumes attached to data nodes |
string |
"gp3" |
no |
| encrypt_at_rest_enabled |
Whether to enable encryption at rest |
bool |
true |
no |
| encrypt_at_rest_kms_key_id |
KMS key ARN to encrypt the Elasticsearch domain with |
string |
"" |
no |
| log_publishing_options |
Configuration block for publishing slow and application logs to CloudWatch Logs |
list(object({
enabled = optional(bool, true)
cloudwatch_log_group_arn = string
log_type = string
})) |
[] |
no |
| node_to_node_encryption_enabled |
Whether to enable node-to-node encryption |
bool |
true |
no |
| vpc_enabled |
Whether the cluster is running inside a VPC |
bool |
false |
no |
| subnet_ids |
The list of VPC subnet IDs to use |
list(string) |
[] |
no |
| security_group_ids |
The list of VPC security groups IDs to attach |
list(string) |
[] |
no |
| domain_policy |
Policy for Elasticsearch domain |
string |
"" |
no |
| saml_enabled |
Whether SAML authentication is enabled |
bool |
false |
no |
| saml_config |
SAML config |
object({
idp_entity_id = string
idp_metadata_content = string
master_backend_role = optional(string, null)
master_user_name = optional(string, null)
roles_key = optional(string, null)
session_timeout_minutes = optional(number, null)
subject_key = optional(string, null)
}) |
{
"idp_entity_id": "",
idp_metadata_content: ""
} |
no |
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent