muneebaahmad/elasticsearch.tf

## elasticsearch.tf
resource "aws_elasticsearch_domain" "demo" {
  domain_name           = "demo"
  elasticsearch_version = "6.2"

  ebs_options {
    ebs_enabled = true
    volume_type = "gp2"
    volume_size = 10
  }

  cluster_config {
    instance_count           = 1
    instance_type            = "t2.small.elasticsearch"
    dedicated_master_enabled = false
    zone_awareness_enabled   = false
  }
}


resource "aws_elasticsearch_domain_policy" "demo" {
  domain_name     = "${aws_elasticsearch_domain.demo.domain_name}"
  access_policies = "${data.aws_iam_policy_document.elastic_search_demo_execution_policy.json}"
}

data "aws_iam_policy_document" "elastic_search_demo_execution_policy" {
  statement {
    effect    = "Allow"
    actions   = ["es:*"]
    resources = ["${aws_elasticsearch_domain.demo.arn}"]
    principals {
      type = "AWS"
      identifiers = ["${data.aws_iam_user.platform-api-user.arn}"]
    }
  }
  statement  {
    effect    = "Allow"
    actions   = ["es:*"]
    resources = ["${aws_elasticsearch_domain.demo.arn}/*"]
    principals {
      type = "AWS"
      identifiers = ["*"]
    }
    condition {
     test      = "IpAddress"
     variable  = "aws:SourceIp"
     values    = ["${data.aws_instance.kibana.public_ip}"]
   }
  }
}

data "aws_instance" "kibana" {
  instance_id = "i-#{KIBANA_INSTANCE_ID}"
}
	resource "aws_elasticsearch_domain" "demo" {
	domain_name = "demo"
	elasticsearch_version = "6.2"

	ebs_options {
	ebs_enabled = true
	volume_type = "gp2"
	volume_size = 10
	}

	cluster_config {
	instance_count = 1
	instance_type = "t2.small.elasticsearch"
	dedicated_master_enabled = false
	zone_awareness_enabled = false
	}
	}


	resource "aws_elasticsearch_domain_policy" "demo" {
	domain_name = "${aws_elasticsearch_domain.demo.domain_name}"
	access_policies = "${data.aws_iam_policy_document.elastic_search_demo_execution_policy.json}"
	}

	data "aws_iam_policy_document" "elastic_search_demo_execution_policy" {
	statement {
	effect = "Allow"
	actions = ["es:*"]
	resources = ["${aws_elasticsearch_domain.demo.arn}"]
	principals {
	type = "AWS"
	identifiers = ["${data.aws_iam_user.platform-api-user.arn}"]
	}
	}
	statement {
	effect = "Allow"
	actions = ["es:*"]
	resources = ["${aws_elasticsearch_domain.demo.arn}/*"]
	principals {
	type = "AWS"
	identifiers = ["*"]
	}
	condition {
	test = "IpAddress"
	variable = "aws:SourceIp"
	values = ["${data.aws_instance.kibana.public_ip}"]
	}
	}
	}

	data "aws_instance" "kibana" {
	instance_id = "i-#{KIBANA_INSTANCE_ID}"
	}