diff --git a/example/main.tf b/example/main.tf index 113685a..230bbce 100644 --- a/example/main.tf +++ b/example/main.tf @@ -9,8 +9,10 @@ provider "elasticsearch" { module "opensearch" { source = "../" + enabled = true + cluster_name = var.cluster_name - cluster_version = "OpenSearch_2.11" + cluster_version = "OpenSearch_2.7" subnet_ids = var.subnet_ids security_group_ids = var.security_group_ids @@ -20,5 +22,7 @@ module "opensearch" { ebs_enabled = true ebs_volume_size = 50 + saml_options_enabled = false + cloudwatch_log_enabled = true } diff --git a/main.tf b/main.tf index e722cde..19f4347 100644 --- a/main.tf +++ b/main.tf @@ -54,7 +54,9 @@ resource "aws_elasticsearch_domain" "opensearch" { enabled = true internal_user_database_enabled = var.internal_user_database_enabled master_user_options { - master_user_arn = var.master_user_arn + master_user_arn = var.internal_user_database_enabled ? var.master_user_arn : null + master_user_name = var.internal_user_database_enabled ? var.master_user_name : null + master_user_password = var.internal_user_database_enabled ? var.master_user_password : null } } @@ -95,8 +97,9 @@ resource "aws_elasticsearch_domain" "opensearch" { } auto_tune_options { - desired_state = var.autotune_options.desired_state - rollback_on_disable = var.autotune_options.rollback_on_disable + desired_state = var.autotune_enabled ? var.autotune_options.desired_state : "DISABLED" + rollback_on_disable = var.autotune_enabled ? var.autotune_options.rollback_on_disable : null + maintenance_schedule { start_at = var.autotune_options.maintenance_schedule.start_at duration { @@ -112,6 +115,7 @@ resource "aws_elasticsearch_domain" "opensearch" { resource "aws_elasticsearch_domain_saml_options" "opensearch_saml_options" { domain_name = var.cluster_name + count = var.saml_options_enabled ? 1 : 0 saml_options { enabled = var.saml_options_enabled master_backend_role = var.saml_options_master_backend_role diff --git a/outputs.tf b/outputs.tf index 7f030db..f4cf981 100644 --- a/outputs.tf +++ b/outputs.tf @@ -20,7 +20,7 @@ output "cluster_endpoint" { output "cluster_version" { description = "The version of the OpenSearch cluster." - value = replace(aws_elasticsearch_domain.opensearch[*].elasticsearch_version, "OpenSearch_", "") + value = [for i in aws_elasticsearch_domain.opensearch[*] : replace(i.elasticsearch_version, "OpenSearch_", "")] } output "kibana_endpoint" { diff --git a/variables.tf b/variables.tf index 6273665..2568101 100644 --- a/variables.tf +++ b/variables.tf @@ -164,6 +164,18 @@ variable "master_user_arn" { default = null } +variable "master_user_name" { + description = "Name of the main user." + type = string + default = null +} + +variable "master_user_password" { + description = "Password of the main user." + type = string + default = null +} + variable "encrypt_kms_key_id" { description = "KMS key id to encrypt OpenSearch domain with." type = string @@ -266,6 +278,12 @@ variable "saml_options_idp_metadata_content" { default = null } +variable "autotune_enabled" { + type = bool + description = "Enable autotune options" + default = false +} + variable "autotune_options" { type = object({ desired_state = string @@ -281,7 +299,7 @@ variable "autotune_options" { rollback_on_disable = "NO_ROLLBACK" maintenance_schedule = { cron_expression = "value" - duration = 0 + duration = 1 start_at = "2000-01-01T00:00:00.00Z" } }