page_title | description |
---|---|
Provider: Elasticsearch |
The Elasticsearch provider is used to interact with the resources supported by Elasticsearch. The provider needs to be configured with an endpoint URL before it can be used. |
The Elasticsearch provider is used to interact with the resources supported by Elasticsearch. The provider needs to be configured with an endpoint URL before it can be used.
AWS Elasticsearch Service domains are supported.
Use the navigation to the left to read about the available resources.
# Configure the Elasticsearch provider
provider "elasticsearch" {
url = "http://127.0.0.1:9200"
}
# Create an index template
resource "elasticsearch_index_template" "template_1" {
name = "template_1"
body = <<EOF
{
"template": "te*",
"settings": {
"number_of_shards": 1
},
"mappings": {
"type1": {
"_source": {
"enabled": false
},
"properties": {
"host_name": {
"type": "keyword"
},
"created_at": {
"type": "date",
"format": "EEE MMM dd HH:mm:ss Z YYYY"
}
}
}
}
}
EOF
}
The following arguments are supported:
url
(Required) - Elasticsearch URL. Defaults toELASTICSEARCH_URL
from the environment.sniff
(Optional) - Set the node sniffing option for the elastic client. Client won't work with sniffing if nodes are not routable. Defaults toELASTICSEARCH_SNIFF
from the environment or true.healthcheck
(Optional) - Set the client healthcheck option for the elastic client. Healthchecking is designed for direct access to the cluster. Defaults toELASTICSEARCH_HEALTH
from the environment, or true.username
(Optional) - Username to use to connect to elasticsearch using basic auth. Defaults toELASTICSEARCH_USERNAME
from the environmentpassword
(Optional) - Password to use to connect to elasticsearch using basic auth. Defaults toELASTICSEARCH_PASSWORD
from the environmentaws_access_key
(Optional) - The access key for use with AWS Elasticsearch Service domains. It can also be sourced from theAWS_ACCESS_KEY_ID
environment variable.aws_secret_key
(Optional) - The secret key for use with AWS Elasticsearch Service domains. It can also be sourced from theAWS_SECRET_ACCESS_KEY
environment variable.aws_token
(Optional) - The session token for use with AWS Elasticsearch Service domains. It can also be sourced from theAWS_SESSION_TOKEN
environment variable.aws_profile
(Optional) - The AWS profile for use with AWS Elasticsearch Service domainsaws_region
(Optional) - The AWS region for use in signing of AWS elasticsearch requests. Must be specified in order to use AWS URL signing with AWS ElasticSearch endpoint exposed on a custom DNS domain.cacert_file
(Optional) - a custom CA certificate when communicating over SSL. You can specify either a path to the file or the contents of the certificate.insecure
(Optional) - Disable SSL verification of API calls (defaults tofalse
)client_cert_path
(Optional) - A X509 certificate to connect to elasticsearch. Defaults toES_CLIENT_CERTIFICATE_PATH
from the environmentclient_key_path
(Optional) - A X509 key to connect to elasticsearch. Defaults toES_CLIENT_KEY_PATH
sign_aws_requests
(Optional) - Enable signing of AWS elasticsearch requests (defauls totrue
). Theurl
must refer to AWS ES domain (*.<region>.es.amazonaws.com
), oraws_region
must be specified explicitly.elasticsearch_version
(Optional) - ElasticSearch Version, if set, skips the version detection at provider start.
The Elasticsearch provider is flexible in the means of providing credentials for authentication with AWS Elasticsearch domains. The following methods are supported, in this order, and explained below:
- Static credentials
- Environment variables
- Shared credentials file
Static credentials can be provided by adding an aws_access_key
and aws_secret_key
in-line in the Elasticsearch provider block. If applicable, you may also specify a aws_token
value.
Example usage:
provider "elasticsearch" {
url = "https://search-foo-bar-pqrhr4w3u4dzervg41frow4mmy.us-east-1.es.amazonaws.com"
aws_access_key = "anaccesskey"
aws_secret_key = "asecretkey"
aws_token = "" # if necessary
}
You can provide your credentials via the AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
, environment variables, representing your AWS Access Key and AWS Secret Key. If applicable, the AWS_SESSION_TOKEN
environment variables is also supported.
Example usage:
$ export AWS_ACCESS_KEY_ID="anaccesskey"
$ export AWS_SECRET_ACCESS_KEY="asecretkey"
$ terraform plan
You can specify a named profile that will be used for credentials (either static, or sts assumed role creds). eg:
provider "elasticsearch" {
url = "https://search-foo-bar-pqrhr4w3u4dzervg41frow4mmy.us-east-1.es.amazonaws.com"
aws_profile = "profilename"
}
You can use an AWS credentials file to specify your credentials. The default location is $HOME/.aws/credentials
on Linux and macOS, or %USERPROFILE%\.aws\credentials
for Windows users.
Please refer to the official userguide for instructions on how to create the credentials file.