This module is the Terraform code to provide the AWS Elasticsearch Service inside AWS VPC and ECS Fargate Nginx proxy server so that you can access kibana from outside.
$ ENCODED_CONFIG=$(cat assets/default.template | base64)
$ docker run --rm \
-eKIBANA_HOST=KIBANA_HOST \
-eES_HOST=es-host.test.com \
-p8080:80 \
nginx:1.19.9-alpine \
/bin/sh -c "echo $ENCODED_CONFIG | base64 -d > /tmp/default.template && envsubst < /tmp/default.template > /etc/nginx/conf.d/default.conf && cat /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'"
- Modify
.tfordefault.templatefile. - Taint terraform task definition state then apply it. Example:
$ terraform taint module.module-name.aws_ecs_task_definition.main
$ terraform apply
- Go AWS ECS Console, select cluster - Service -
Updatethen select the latest task definition
The default master user's name is admin and password is Change-me!-123.
When you first access Kibana, please change your password
from the profile icon Reset password menu in the upper right corner.
| Name | Version |
|---|---|
| terraform | >= 0.14.0 |
| aws | ~> 3.0 |
| random | ~> 3.0 |
| Name | Version |
|---|---|
| aws | ~> 3.0 |
| random | ~> 3.0 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| alb_ssl_policy | n/a | string |
"ELBSecurityPolicy-2016-08" |
no |
| consumer_security_group_id | n/a | string |
null |
no |
| create_consumer_security_group | n/a | bool |
false |
no |
| es_availability_zone_count | Number of Availability Zones for the domain to use with zone_awareness_enabled. 1 means the zone_awareness_enabled is false | number |
1 |
no |
| es_ebs_volume_size | n/a | number |
10 |
no |
| es_encrypt_at_rest | n/a | bool |
false |
no |
| es_master_node_count | Dedicated master node count. 0 means that dedecated master nodes are not used. | number |
0 |
no |
| es_master_node_type | n/a | string |
"m3.medium.elasticsearch" |
no |
| es_master_user_password | n/a | string |
"Change-me!-123" |
no |
| es_node_count | For two or three Availability Zones, we recommend instances in multiples of az count for equal distribution across the Availability Zones. | number |
1 |
no |
| es_node_to_node_encryption | n/a | bool |
false |
no |
| es_node_type | n/a | string |
"t3.medium.elasticsearch" |
no |
| kibana_custom_domain | Domain for kibana access | string |
n/a | yes |
| name_prefix | For most of resource names | string |
"terraform-es" |
no |
| name_suffix | If omitted, random string is used. | string |
"" |
no |
| private_subnet_cidr_blocks | n/a | list(string) |
[] |
no |
| private_subnet_ids | n/a | list(string) |
[] |
no |
| public_subnet_cidr_blocks | n/a | list(string) |
[] |
no |
| public_subnet_ids | n/a | list(string) |
[] |
no |
| route53_zone_id | Route53 zone id for kibana_proxy_host | string |
n/a | yes |
| service_ingress_cidr_rules | n/a | list(string) |
[ |
no |
| tags | n/a | map(string) |
{} |
no |
| use_vpc | n/a | bool |
true |
no |
| vpc_id | If you provide vpc_id, elasticsearch will be deployed in that vpc. Or it is distributed outside the vpc. | string |
n/a | yes |
| Name | Description |
|---|---|
| es_name | elasticsearch_domain name |
| output | Resource information for accessing elasticsearch |