diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..724dec3
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,9 @@
+# Change Log
+
+All notable changes to this module will be documented in this file.
+
+## [1.0.0] - 2022-09-08
+
+### Added
+
+- init terraform-aws-opensearch
diff --git a/data.tf b/data.tf
index 148c843..6c9fd7a 100644
--- a/data.tf
+++ b/data.tf
@@ -3,11 +3,12 @@ data "aws_region" "current" {}
data "aws_caller_identity" "current" {}
data "aws_route53_zone" "opensearch" {
+ count = var.is_custom_endpoint_enabled ? 1 : 0
name = var.cluster_domain
}
data "aws_vpc" "this" {
- count = var.vpc_id == null ? 0 : 1
+ count = var.is_create_security_group ? 1 : 0
id = var.vpc_id
}
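Review bot: The `data "aws_vpc" "this"` lookup is now gated on `var.is_create_security_group`, which defaults to `true` in variables.tf, so a caller who leaves `vpc_id` unset still runs the lookup with `id = null`. With no id the data source will presumably either fail at plan time or select a VPC the caller never named, and the security group in sg.tf (same gate) would be created there; this needs confirming against the provider. The old `var.vpc_id == null` gate was probably dropped because `vpc_id` can be unknown at plan time, so I would not restore it. Instead, state in the `is_create_security_group` description that `vpc_id` is required when the flag is true, and, if the minimum Terraform version allows it, add a `precondition` on the security group with `condition = var.vpc_id != null`.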
diff --git a/examples/complete/README.md b/examples/complete/README.md
new file mode 100644
index 0000000..6602738
--- /dev/null
+++ b/examples/complete/README.md
@@ -0,0 +1,31 @@
+
+## Requirements
+
+No requirements.
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [vpc](#module\_vpc) | git@github.com:oozou/terraform-aws-vpc.git | v1.1.6 |
+| [vpn](#module\_vpn) | ../../ | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [dns](#output\_dns) | n/a |
+| [efs\_id](#output\_efs\_id) | n/a |
+
diff --git a/examples/complete/acm.tf b/examples/complete/acm.tf
new file mode 100644
index 0000000..0f33eb2
--- /dev/null
+++ b/examples/complete/acm.tf
@@ -0,0 +1,12 @@
+module "acm" {
+ source = "oozou/acm/aws"
+ version = "1.0.4"
+
+ acms_domain_name = {
+ opensearch = {
+ domain_name = "opensearch.example.com"
+ }
+ }
+ route53_zone_name = "example.com"
+ is_automatic_verify_acms = true
+}
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
new file mode 100644
index 0000000..5bcf328
--- /dev/null
+++ b/examples/complete/main.tf
@@ -0,0 +1,27 @@
+module "opensearch" {
+ source = "../../"
+ cluster_name = "opensearch"
+ is_custom_endpoint_enabled = true
+ cluster_domain = "example.com" # route53 hostzone domain
+ cluster_version = "OpenSearch_1.1"
+ subnets_ids = module.vpc.private_subnet_ids
+ vpc_id = module.vpc.vpc_id
+ prefix = "oozou"
+ environment = "dev"
+ hot_instance_count = 3
+ availability_zones = 3
+ is_master_instance_enabled = false
+ is_warm_instance_enabled = false
+ master_user_name = "admin"
+ master_user_password = "AdminOpenSearchExample1@" #must be sensitive value
+ acm_arn = module.acm.certificate_arns.opensearch
+ bootstrap_config = {
+ vpc_id = module.vpc.vpc_id
+ subnet_id = module.vpc.private_subnet_ids[0]
+ }
+ additional_iam_roles = []
+ tags = var.tags
+ depends_on = [
+ module.acm
+ ]
+}
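Review bot: `master_user_password` is set to a plaintext literal in the example, next to a comment saying it must be a sensitive value, so anyone copying the example commits a working admin credential to version control. Change the line to `master_user_password = var.master_user_password` and declare that variable in examples/complete/variables.tf with `type = string` and `sensitive = true`, supplied from the environment or a secrets store. The same applies to `master_user_name = "admin"` if a predictable admin name is not wanted. Separately, `prefix` and `environment` are hard-coded here while variables.tf declares both without defaults; `prefix = var.prefix` and `environment = var.environment` would match vpc.tf.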
diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf
new file mode 100644
index 0000000..b2147c6
--- /dev/null
+++ b/examples/complete/outputs.tf
@@ -0,0 +1,9 @@
+output "custom_domain_endpoint" {
+ description = "custom domain for opensearch"
+ value = module.opensearch.custom_domain_endpoint
+}
+
+output "endpoint" {
+ description = "endpoint for opensearch"
+ value = module.opensearch.endpoint
+}
diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf
new file mode 100644
index 0000000..e605b4f
--- /dev/null
+++ b/examples/complete/variables.tf
@@ -0,0 +1,15 @@
+variable "prefix" {
+ description = "The prefix name of customer to be displayed in AWS console and resource"
+ type = string
+}
+
+variable "environment" {
+ description = "Environment Variable used as a prefix"
+ type = string
+}
+
+variable "tags" {
+ description = "Tags to add more; default tags contian {terraform=true, environment=var.environment}"
+ type = map(string)
+ default = {}
+}
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
new file mode 100644
index 0000000..dbc484a
--- /dev/null
+++ b/examples/complete/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = ">= 1.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">= 4.9"
+ }
+ }
+}
diff --git a/examples/complete/vpc.tf b/examples/complete/vpc.tf
new file mode 100644
index 0000000..1b3f2e1
--- /dev/null
+++ b/examples/complete/vpc.tf
@@ -0,0 +1,17 @@
+module "vpc" {
+ source = "oozou/vpc/aws"
+ version = "1.1.7"
+ prefix = var.prefix
+ environment = var.environment
+ cidr = "10.105.0.0/16"
+ private_subnets = ["10.105.60.0/22", "10.105.64.0/22", "10.105.68.0/22"]
+ public_subnets = ["10.105.0.0/24", "10.105.1.0/24", "10.105.2.0/24"]
+ database_subnets = ["10.105.20.0/23", "10.105.22.0/23", "10.105.24.0/23"]
+ availability_zone = ["ap-southeast-1a", "ap-southeast-1b", "ap-southeast-1c"]
+ is_enable_dns_hostnames = true
+ is_enable_dns_support = true
+ is_create_nat_gateway = true
+ is_enable_single_nat_gateway = true
+ account_mode = "hub"
+ tags = var.tags
+}
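Review bot: The example README added in this commit does not match this file. It lists the vpc module as `git@github.com:oozou/terraform-aws-vpc.git` at `v1.1.6`, while this block uses the registry source `oozou/vpc/aws` at `1.1.7`. It also names a `vpn` module and `dns`/`efs_id` outputs that appear nowhere in the example, so it looks copied from another module. Regenerating the README from the example would also pick up the `acm` and `opensearch` modules and the `custom_domain_endpoint`/`endpoint` outputs.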
diff --git a/main.tf b/main.tf
index 56e63eb..3726262 100644
--- a/main.tf
+++ b/main.tf
@@ -53,7 +53,7 @@ resource "aws_opensearch_domain" "this" {
tls_security_policy = "Policy-Min-TLS-1-2-2019-07"
custom_endpoint_enabled = var.is_custom_endpoint_enabled
- custom_endpoint = format("%s.%s", var.cluster_name, data.aws_route53_zone.opensearch.name)
+ custom_endpoint = format("%s.%s", var.cluster_name, var.cluster_domain)
custom_endpoint_certificate_arn = var.acm_arn
}
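Review bot: `custom_endpoint` and `custom_endpoint_certificate_arn` are still populated when `custom_endpoint_enabled` is false, which is now the default after this commit. A caller who never set `cluster_domain` or `acm_arn` then sends a formatted hostname with an empty or null domain part to the API; whether those variables have defaults is not visible in this diff. I would make both conditional: `custom_endpoint = var.is_custom_endpoint_enabled ? format("%s.%s", var.cluster_name, var.cluster_domain) : null` and `custom_endpoint_certificate_arn = var.is_custom_endpoint_enabled ? var.acm_arn : null`. The enclosing block starts and ends outside this hunk.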
@@ -77,7 +77,8 @@ resource "aws_opensearch_domain" "this" {
}
resource "aws_route53_record" "this" {
- zone_id = data.aws_route53_zone.opensearch.id
+ count = var.is_custom_endpoint_enabled ? 1 : 0
+ zone_id = data.aws_route53_zone.opensearch[0].id
name = var.cluster_name
type = "CNAME"
ttl = "60"
diff --git a/outputs.tf b/outputs.tf
index 08494d8..7220844 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,4 +1,9 @@
-output "domain" {
+output "custom_domain_endpoint" {
description = "custom domain for opensearch"
- value = format("%s.%s", var.cluster_name, data.aws_route53_zone.opensearch.name)
+ value = format("%s.%s", var.cluster_name, var.cluster_domain)
+}
+
+output "endpoint" {
+ description = "endpoint for opensearch"
+ value = aws_opensearch_domain.this.endpoint
}
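Review bot: Renaming the output `domain` to `custom_domain_endpoint` breaks any caller that reads `module.<name>.domain`, and the CHANGELOG added in this commit records only the initial release. Either keep `domain` as a deprecated alias or add a changelog entry for the rename. The new output also returns a formatted hostname when `is_custom_endpoint_enabled` is false, so consumers may point clients at a name with no DNS record or certificate. Returning null in that case is clearer: `value = var.is_custom_endpoint_enabled ? format("%s.%s", var.cluster_name, var.cluster_domain) : null`.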
diff --git a/sg.tf b/sg.tf
index 006b012..d324525 100644
--- a/sg.tf
+++ b/sg.tf
@@ -1,5 +1,5 @@
resource "aws_security_group" "this" {
- count = var.vpc_id == null ? 0 : 1
+ count = var.is_create_security_group ? 1 : 0
name = format("%s-%s-opensearch-sg", local.prefix, var.cluster_name)
description = "Security group for allow internal VPC interact with OpenSearch"
vpc_id = data.aws_vpc.this[0].id
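Review bot: With `is_create_security_group = false`, nothing in this diff shows which security group the domain ends up with, and the commit adds no input for caller-supplied group ids. If the domain's `vpc_options` (outside this diff) then receives an empty list, a VPC domain will likely fall back to the VPC's default security group, which is often broader than intended; that should be confirmed. Adding a `list(string)` variable for existing security group ids and documenting what the false case attaches would close that gap. Any `aws_security_group.this[0]` reference elsewhere must also tolerate a zero count, for example `aws_security_group.this[*].id`. The resource body continues past this hunk.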
diff --git a/variables.tf b/variables.tf
index 548d5db..9bd979d 100644
--- a/variables.tf
+++ b/variables.tf
@@ -147,7 +147,7 @@ variable "master_user_password" {
variable "is_custom_endpoint_enabled" {
description = "Whether to enable custom endpoint for the OpenSearch domain."
type = bool
- default = true
+ default = false
}
variable "acm_arn" {
@@ -177,3 +177,9 @@ variable "additional_iam_roles" {
type = list(string)
default = []
}
+
+variable "is_create_security_group" {
+ description = "if true will create security group for opensearch"
+ type = bool
+ default = true
+}
diff --git a/versions.tf b/versions.tf
index 97f0cf5..cc73ffd 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 4.0.0"
+ version = ">= 4.9.0"
}
}
}