This module will deploy a brand new AWS ElasticSearch domain to a VPC. It can be used for creating the EFK stack or any other needed ElasticSearch services.
Please read the Pre Commit documentation for more information on how to install and use the pre-commit hooks.
| Name | Version |
|---|---|
| terraform | >= 0.14 |
| aws | ~> 3.0, < 4.0.0 |
| Name | Type |
|---|---|
| aws_cloudwatch_log_group.logs | resource |
| aws_cloudwatch_log_resource_policy.logs_policy | resource |
| aws_elasticsearch_domain.es_domain | resource |
| aws_iam_service_linked_role.es | resource |
| aws_security_group.es | resource |
| aws_caller_identity.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| domain | Name of Elasticsearch domain to create | string |
n/a | yes |
| elasticsearch_version | Version of Elasticsearch to use | string |
n/a | yes |
| instance_count | Number of Elasticsearch nodes to create | string |
n/a | yes |
| instance_type | AWS instance type to use for Elasticsearch nodes. | string |
n/a | yes |
| private_subnets | Subnet IDs that can access Elasticsearch (once created). Typically the worker security group ID created by the EKS module. | list(string) |
n/a | yes |
| private_subnets_cidrs | The CIDR of IPs that should be able to access Elasticsearch. Typically the CIDR of worker nodes created by the EKS module. | list(string) |
n/a | yes |
| region | AWS region to create resources within | string |
n/a | yes |
| volume_size | Size of disk provisioned for Elasticsearch instances in GB. | string |
n/a | yes |
| vpc_id | VPC ID to create Elasticsearch domain within. | string |
n/a | yes |
| create_iam_service_linked_role | Create an AWS Service-Linked Role for use by Elasticsearch. The service linked role is used to provide the Elasticsearch cluster with the appropriate permissions to run. This should be 'true' for the first Elasticsearch cluster you create, and 'false' thereafter. (Only one service-linked role can be created per AWS account and it is shared by all ES domains.) More info at https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html | string |
true |
no |
| create_log_group | Boolean that defines if the Log Group will be created or not | bool |
false |
no |
| dedicated_master_count | Determines how many dedicated master should be created (dedicated_master_enabled should be ture) | number |
3 |
no |
| dedicated_master_enabled | Determines if a dedicated master insatance is needed | bool |
false |
no |
| dedicated_master_type | Determines the type of dedicated master instances that should be created (dedicated_master_enabled should be ture) | string |
"c5.large.elasticsearch" |
no |
| ebs_type | Ebs type of volume | string |
"gp2" |
no |
| encrypt_at_rest | Whether or not to use encryption-at-rest for the newly created elasticsearch cluster. Needs to be disabled if using older instance types like t2 and m3 that do not support encryption. | bool |
true |
no |
| multiaz | Determines if the elasticsearch should be deployed to two AZs. (Default false) | bool |
false |
no |
| node_to_node_encryption | Whether or not to use node-node encryption for the newly created ES domain. Requires elasticsearch_version version >= 6 |
string |
false |
no |
| tags | A set of AWS tags to tag the resulting Elasticsearch cluster with. | map(string) |
{} |
no |
| Name | Description |
|---|---|
| endpoint | Domain-specific HTTPS endpoint used to submit index, search, and data upload requests. |