aws::elasticsearch-domain¶

Creates an elasticsearch domain.

Example¶

aws::elasticsearch-domain elasticsearch-domain-example
    domain-name: "testdomain"
    elastic-search-version: "7.1"

    ebs-options
        enable-ebs: true
        volume-type: standard
        volume-count: 10
    end

    node-to-node-encryption-options
        enable-node-to-node-encryption: true
    end

    encryption-at-rest-options
        enable-encryption-at-rest: true
    end

    cluster-configuration
        enable-zone-awareness: true
        instance-count: 4

        zone-awareness-configuration
            availability-zone-count: 2
        end
    end

    domain-endpoint-options
        enforce-https: true
    end

    advanced-security-options
        enable-advanced-security-options: true
        enable-internal-user-database: true

        master-user-options
            master-username: "masteruser"
            master-password: "MasterUser1!"
        end
    end

    access-policies: "access-policy.json"

    advanced-options: {
        "indices.query.bool.max_clause_count": "1026"
    }

    tags: {
        "description": "Test Domain"
    }

    vpc-options
        subnets: [
            $(aws::subnet example-subnet-1),
            $(aws::subnet example-subnet-3)
        ]

        security-groups: [
            $(aws::security-group example-security-group)
        ]
    end
end

Attributes¶

Attribute	Description
elastic-search-version	The version of ElasticSearch. Defaults to `1.5`.
domain-name	The name of the Elasticsearch Domain. The name can be a combination of lowercase letters, numbers, or hyphens (`-`) and it must start with a lowercase letter. It can be between `3` to `28` characters in length. Valid values satisfy the regex: `[^[a-z]([a-z]\|[0-9]\|-){2,27}$]`. (Required)
ebs-options subresource	The Elastic Block Storage options configuration. enable-ebs Enable the EBS volume, a block level storage device. (Required) volume-type The volume type for the EBS-based storage. Can only be set if `enable-ebs` is set to `true`. Valid values are `standard`, `gp2`, `gp3` or `io1`. volume-count The size of the EBS volume. Can only be set if `enable-ebs` is set to `true`. Valid values are between `10` to `1024`. iops The baseline I/O performance for the EBS volume. Only used by Provisioned IOPS volumes. Can only be set if `enable-ebs` is set to `true`. Valid values are between `1000` to `16000`.
cluster-configuration subresource	The Elasticsearch Domain cluster configuration. enable-zone-awareness Enable zone awareness for the domain. zone-awareness-configuration subresource The zone awareness options configuration. Can only be set if `enable-zone-awareness` is set. availability-zone-count The number of availability zones for a domain when zone awareness is enabled. (Required) instance-type The instance type for the Elasticsearch domain cluster. Defaults to `m4.large_elasticsearch`. instance-count The number of nodes in the specified domain cluster. Defaults to `1`. Valid values are between `0` to `40`. dedicated-master-enabled Dedicate master nodes to the domain cluster. Defaults to `false`. dedicated-master-type The instance type for the dedicated master nodes. Defaults to `m4.large_elasticsearch`. Can only be set if `dedicated-master-enabled` is set. dedicated-master-count The number of dedicated master nodes for the cluster. Defaults to `3`. Can only be set if `dedicated-master-enabled` is set. Valid values are between `2` to `5`. enable-warm Enable warm storage. Defaults to `false`. warm-count The number of warm nodes in the cluster. Defaults to `3`. Can only be set if `enable-warm` is set. Minimum allowed value is `3`. warm-type The instance type for warm nodes. Defaults to `ultrawarm1.medium.elasticsearch`. Valid values are `ultrawarm1.medium.elasticsearch` or `ultrawarm1.large.elasticsearch`. Can only be set if `enable-warm` is set.
snapshot-options subresource	The automated snapshot time configuration. automated-snapshot-start-hour The hour, in UTC format, when the service takes a daily automated snapshot of the specified Elasticsearch domain. Valid values are between `0` to `23`. (Required)
access-policies	The Json formatted IAM access policies. It can either be a JSON formatted string or the file path to a `.json` file.
advanced-options map	Configure advanced options for the cluster to allow references to indices in an HTTP request body. The valid options are `rest.action.multi.allow_explicit_index`: `true` \| `false` `indices.fielddata.cache.size`: A number between `1` and `100` `indices.query.bool.max_clause`: A number between `1` and `2147483647`.
node-to-node-encryption-options subresource	The node to node encryption options configuration. enable-node-to-node-encryption Enable node to node encryption to prevent potential interception of traffic between Elasticsearch nodes. (Required)
domain-endpoint-options subresource	The Elasticsearch domain endpoint options configuration. enforce-https Enforce HTTPS endpoints for the Elasticsearch cluster. (Required) tls-security-policy The TLS security policy that needs to be applied to the HTTPS endpoints of the Elasticsearch domain. Valid values are `Policy-Min-TLS-1-0-2019-07` or `Policy-Min-TLS-1-2-2019-07`.
encryption-at-rest-options subresource	The encryption at rest options configuration. enable-encryption-at-rest Enable encryption at rest to prevent unauthorized access to the data. (Required) kms-key-resource The KMS key resource for encryption options. Can only be set if `enable-encryption-at-rest` is set to `true`.
vpc-options subresource	The VPC options configuration. subnets set The list of subnets in the same region for the VPC endpoint. One subnet per availability zone. (Required) security-groups set The list if security groups for the VPC endpoint that need to access the domain. (Required)
advanced-security-options subresource	The advanced security options configuration. enable-advanced-security-options Enable advanced security for the domain. (Required) enable-internal-user-database Enable the Internal User Database. master-user-options subresource The master user options configuration. Can only be set if `enable-advanced-security-options` is set to `true`. master-username The master username stored in the domain’s internal database. Cannot be set if `master-user-arn` is set. master-password The master password stored in the domain’s internal database. Cannot be set if `master-user-arn` is set. master-user-arn The master user’s Amazon Resource Number. Cannot be set if any of `master-username` or `master-password` is set.
tags map	The list of tags.

Outputs¶

Attribute	Description
id	The ID of the Elasticsearch domain.
arn	The Amazon Resource Name of an Elasticsearch domain.