(feat) fix bug opensearch (#4)

* (feat) fix bug opensearch

* (docs) change example

CHANGELOG.md

@@ -0,0 +1,9 @@
+# Change Log
+
+All notable changes to this module will be documented in this file.
+
+## [1.0.0] - 2022-09-08
+
+### Added
+
+- init terraform-aws-opensearch

data.tf

@@ -3,11 +3,12 @@ data "aws_region" "current" {}
 data "aws_caller_identity" "current" {}
 
 data "aws_route53_zone" "opensearch" {
+  count = var.is_custom_endpoint_enabled ? 1 : 0
   name = var.cluster_domain
 }
 
 data "aws_vpc" "this" {
-  count = var.vpc_id == null ? 0 : 1
+  count = var.is_create_security_group ? 1 : 0
   id    = var.vpc_id
 }
 

examples/complete/README.md

@@ -0,0 +1,31 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | git@github.com:oozou/terraform-aws-vpc.git | v1.1.6 |
+| <a name="module_vpn"></a> [vpn](#module\_vpn) | ../../ | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_dns"></a> [dns](#output\_dns) | n/a |
+| <a name="output_efs_id"></a> [efs\_id](#output\_efs\_id) | n/a |
+<!-- END_TF_DOCS -->

examples/complete/acm.tf

@@ -0,0 +1,12 @@
+module "acm" {
+  source  = "oozou/acm/aws"
+  version = "1.0.4"
+
+  acms_domain_name = {
+    opensearch = {
+      domain_name = "opensearch.example.com"
+    }
+  }
+  route53_zone_name        = "example.com"
+  is_automatic_verify_acms = true
+}

examples/complete/main.tf

@@ -0,0 +1,27 @@
+module "opensearch" {
+  source                     = "../../"
+  cluster_name               = "opensearch"
+  is_custom_endpoint_enabled = true
+  cluster_domain             = "example.com" # route53 hostzone domain
+  cluster_version            = "OpenSearch_1.1"
+  subnets_ids                = module.vpc.private_subnet_ids
+  vpc_id                     = module.vpc.vpc_id
+  prefix                     = "oozou"
+  environment                = "dev"
+  hot_instance_count         = 3
+  availability_zones         = 3
+  is_master_instance_enabled = false
+  is_warm_instance_enabled   = false
+  master_user_name           = "admin"
+  master_user_password       = "AdminOpenSearchExample1@" #must be sensitive value
+  acm_arn                    = module.acm.certificate_arns.opensearch
+  bootstrap_config = {
+    vpc_id    = module.vpc.vpc_id
+    subnet_id = module.vpc.private_subnet_ids[0]
+  }
+  additional_iam_roles = []
+  tags                 = var.tags
+  depends_on = [
+    module.acm
+  ]
+}

examples/complete/outputs.tf

@@ -0,0 +1,9 @@
+output "custom_domain_endpoint" {
+  description = "custom domain for opensearch"
+  value       = module.opensearch.custom_domain_endpoint
+}
+
+output "endpoint" {
+  description = "endpoint for opensearch"
+  value       = module.opensearch.endpoint
+}

examples/complete/variables.tf

@@ -0,0 +1,15 @@
+variable "prefix" {
+  description = "The prefix name of customer to be displayed in AWS console and resource"
+  type        = string
+}
+
+variable "environment" {
+  description = "Environment Variable used as a prefix"
+  type        = string
+}
+
+variable "tags" {
+  description = "Tags to add more; default tags contian {terraform=true, environment=var.environment}"
+  type        = map(string)
+  default     = {}
+}

examples/complete/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.9"
+    }
+  }
+}

examples/complete/vpc.tf

@@ -0,0 +1,17 @@
+module "vpc" {
+  source                       = "oozou/vpc/aws"
+  version                      = "1.1.7"
+  prefix                       = var.prefix
+  environment                  = var.environment
+  cidr                         = "10.105.0.0/16"
+  private_subnets              = ["10.105.60.0/22", "10.105.64.0/22", "10.105.68.0/22"]
+  public_subnets               = ["10.105.0.0/24", "10.105.1.0/24", "10.105.2.0/24"]
+  database_subnets             = ["10.105.20.0/23", "10.105.22.0/23", "10.105.24.0/23"]
+  availability_zone            = ["ap-southeast-1a", "ap-southeast-1b", "ap-southeast-1c"]
+  is_enable_dns_hostnames      = true
+  is_enable_dns_support        = true
+  is_create_nat_gateway        = true
+  is_enable_single_nat_gateway = true
+  account_mode                 = "hub"
+  tags                         = var.tags
+}

main.tf

@@ -53,7 +53,7 @@ resource "aws_opensearch_domain" "this" {
     tls_security_policy = "Policy-Min-TLS-1-2-2019-07"
 
     custom_endpoint_enabled         = var.is_custom_endpoint_enabled
-    custom_endpoint                 = format("%s.%s", var.cluster_name, data.aws_route53_zone.opensearch.name)
+    custom_endpoint                 = format("%s.%s", var.cluster_name, var.cluster_domain)
     custom_endpoint_certificate_arn = var.acm_arn
   }
 
@@ -77,7 +77,8 @@ resource "aws_opensearch_domain" "this" {
 }
 
 resource "aws_route53_record" "this" {
-  zone_id = data.aws_route53_zone.opensearch.id
+  count = var.is_custom_endpoint_enabled ? 1 : 0
+  zone_id = data.aws_route53_zone.opensearch[0].id
   name    = var.cluster_name
   type    = "CNAME"
   ttl     = "60"

outputs.tf

@@ -1,4 +1,9 @@
-output "domain" {
+output "custom_domain_endpoint" {
   description = "custom domain for opensearch"
-  value       = format("%s.%s", var.cluster_name, data.aws_route53_zone.opensearch.name)
+  value       =  format("%s.%s", var.cluster_name, var.cluster_domain)
+}
+
+output "endpoint" {
+  description = "endpoint for opensearch"
+  value       =  aws_opensearch_domain.this.endpoint
 }

sg.tf

@@ -1,5 +1,5 @@
 resource "aws_security_group" "this" {
-  count       = var.vpc_id == null ? 0 : 1
+  count       = var.is_create_security_group ? 1 : 0
   name        = format("%s-%s-opensearch-sg", local.prefix, var.cluster_name)
   description = "Security group for allow internal VPC interact with OpenSearch"
   vpc_id      = data.aws_vpc.this[0].id

variables.tf

@@ -147,7 +147,7 @@ variable "master_user_password" {
 variable "is_custom_endpoint_enabled" {
   description = "Whether to enable custom endpoint for the OpenSearch domain."
   type        = bool
-  default     = true
+  default     = false
 }
 
 variable "acm_arn" {
@@ -177,3 +177,9 @@ variable "additional_iam_roles" {
   type        = list(string)
   default     = []
 }
+
+variable "is_create_security_group" {
+    description = "if true will create security group for opensearch"
+    type = bool
+    default = true
+}

versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.0.0"
+      version = ">= 4.9.0"
     }
   }
 }