-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
220 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,71 @@ | ||
| # Property Validation Elasticsearch Module | ||
|
|
||
| This module creates an Elasticsearch (AWS OpenSearch) cluster in AWS using Terraform. | ||
|
|
||
| The resource will be created in the VPC that is specified by your variables, and it will set up the necessary security groups and IAM roles for access. | ||
|
|
||
| ## Usage | ||
|
|
||
| ### Reference In Another Project: | ||
|
|
||
| ```terraform | ||
| module "property_validation_es" { | ||
| source = "github.com/<your-org>/terraform-modules//property-validation-es" | ||
| project_name = "[your project name]" | ||
| environment = "[your environment]" | ||
| vpc_id = "[VPC ID]" | ||
| subnet_ids = ["[Subnet ID]"] | ||
| elasticsearch_instance_type = "[Instance type]" | ||
| aws_region = "[AWS Region]" | ||
| aws_tags = { | ||
| "Name" = "[Resource name]" | ||
| // other tags | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| ### Use Independently: | ||
| - Set values for the required variables and save it in `vars.tfvars`: | ||
| ```bash | ||
| project_name = "[your project name]" | ||
| environment = "[your environment]" | ||
| vpc_id = "[VPC ID]" | ||
| subnet_ids = ["[Subnet ID]"] | ||
| elasticsearch_instance_type = "[Instance type]" | ||
| aws_region = "[AWS Region]" | ||
| aws_tags = { | ||
| "Name" = "[Resource name]" | ||
| // additional tags | ||
| } | ||
| ``` | ||
| - Initialise Terraform: | ||
| ```bash | ||
| terraform init | ||
| ``` | ||
| Terraform will prompt you for a path to your state file in a state bucket. To bypass this prompt, you can include this value in the `terraform {}` block at the top of your `main.tf` file. | ||
| - Plan: | ||
| ```bash | ||
| terraform plan -out=es_plan.tfplan | ||
| ``` | ||
| - Create the resources: | ||
| ```bash | ||
| terraform apply "es_plan.tfplan" | ||
| ``` | ||
|
|
||
| ## Inputs | ||
|
|
||
| | Name | Description | Type | Required | | ||
| |------|-------------|:----:|:--------:| | ||
| | project_name | The name of the project. | `string` | yes | | ||
| | environment | Target environment. Must be one of: `dev`, `stg`, `prod`. | `string` | yes | | ||
| | aws_region | AWS region to deploy to. | `string` | yes | | ||
| | subnet_ids | Subnet IDs to use for the Elasticsearch cluster. | `list(string)` | yes | | ||
| | vpc_id | VPC ID to use for the Elasticsearch cluster. | `string` | yes | | ||
| | elasticsearch_instance_type | Instance type to use for the Elasticsearch cluster. | `string` | yes | | ||
| | aws_tags | A map of tags to assign to the resources. | `map(string)` | yes | | ||
|
|
||
|
|
||
| ## Outputs | ||
| - `endpoint`: The endpoint of the created Elasticsearch domain. | ||
|
|
||
| Replace placeholder values like `[your project name]`, `[your environment]`, and other placeholders with actual values relevant to your project. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,111 @@ | ||
| locals { | ||
| domain_name = "${lower(var.project_name)}-es-${var.environment}" | ||
| } | ||
|
|
||
| data "aws_vpc" "property_validation" { | ||
| id = var.vpc_id | ||
| } | ||
|
|
||
| data "aws_caller_identity" "current" {} | ||
|
|
||
| resource "aws_security_group" "property_validation" { | ||
| name = lower("${var.project_name}-${var.environment}-es-sg") | ||
| description = "Managed by Terraform" | ||
| vpc_id = data.aws_vpc.property_validation.id | ||
|
|
||
| ingress { | ||
| from_port = 443 | ||
| to_port = 443 | ||
| protocol = "tcp" | ||
|
|
||
| cidr_blocks = [ | ||
| data.aws_vpc.property_validation.cidr_block, | ||
| ] | ||
| } | ||
| ingress { | ||
| from_port = 80 | ||
| to_port = 80 | ||
| protocol = "tcp" | ||
|
|
||
| cidr_blocks = [ | ||
| data.aws_vpc.property_validation.cidr_block, | ||
| ] | ||
| } | ||
| ingress { | ||
| from_port = 9300 | ||
| to_port = 9300 | ||
| protocol = "tcp" | ||
|
|
||
| cidr_blocks = [ | ||
| data.aws_vpc.property_validation.cidr_block, | ||
| ] | ||
| } | ||
| ingress { | ||
| from_port = 9200 | ||
| to_port = 9200 | ||
| protocol = "tcp" | ||
|
|
||
| cidr_blocks = [ | ||
| data.aws_vpc.property_validation.cidr_block, | ||
| ] | ||
| } | ||
| tags = var.aws_tags | ||
| } | ||
|
|
||
| resource "aws_iam_service_linked_role" "property_validation" { | ||
| aws_service_name = "opensearchservice.amazonaws.com" | ||
| } | ||
|
|
||
| data "aws_iam_policy_document" "property_validation" { | ||
| statement { | ||
| effect = "Allow" | ||
|
|
||
| principals { | ||
| type = "AWS" | ||
| identifiers = ["*"] | ||
| } | ||
|
|
||
| actions = ["es:*"] | ||
| resources = [ | ||
| "arn:aws:es:${var.aws_region}:${data.aws_caller_identity.current.account_id}:domain/${local.domain_name}/*", | ||
| "arn:aws:es:${var.aws_region}:${data.aws_caller_identity.current.account_id}:domain/${local.domain_name}" | ||
| ] | ||
| } | ||
| } | ||
|
|
||
| resource "aws_opensearch_domain" "property_validation" { | ||
| depends_on = [aws_iam_service_linked_role.property_validation] | ||
|
|
||
| domain_name = local.domain_name | ||
| engine_version = "Elasticsearch_7.10" | ||
| # engine_version = "OpenSearch_2.11 | ||
| ebs_options { | ||
| ebs_enabled = true | ||
| volume_size = 70 | ||
| } | ||
| cluster_config { | ||
| instance_type = var.elasticsearch_instance_type | ||
| zone_awareness_enabled = false | ||
| # instance_count = 2 | ||
| } | ||
|
|
||
| vpc_options { | ||
| subnet_ids = [ | ||
| var.subnet_ids[0] | ||
| ] | ||
|
|
||
| security_group_ids = [aws_security_group.property_validation.id] | ||
| } | ||
|
|
||
| advanced_options = { | ||
| "rest.action.multi.allow_explicit_index" = "true" | ||
| } | ||
|
|
||
| access_policies = data.aws_iam_policy_document.property_validation.json | ||
|
|
||
| tags = var.aws_tags | ||
| } | ||
|
|
||
| output "endpoint" { | ||
| value = aws_opensearch_domain.property_validation.endpoint | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| variable "project_name" { | ||
| description = "The name of the project" | ||
| type = string | ||
| } | ||
|
|
||
| variable environment { | ||
| description = "Target environment" | ||
| type = string | ||
|
|
||
| validation { | ||
| condition = contains(["dev", "stg", "prod"], var.environment) | ||
| error_message = "The environment must be one of: dev, stg, or prod." | ||
| } | ||
| } | ||
|
|
||
| variable "aws_region" { | ||
| description = "AWS region" | ||
| type = string | ||
| } | ||
|
|
||
| variable "subnet_ids" { | ||
| description = "The subnet IDs to use for the the cluster" | ||
| type = list(string) | ||
| } | ||
|
|
||
| variable vpc_id { | ||
| description = "The VPC ID to use for the Elasticsearch cluster" | ||
| type = string | ||
| } | ||
|
|
||
| variable "elasticsearch_instance_type" { | ||
| description = "The instance type to use for the Elasticsearch cluster" | ||
| type = string | ||
| } | ||
| variable "aws_tags" { | ||
| description = "A map of tags to assign to the resources" | ||
| type = map(string) | ||
| } |