aws_elasticsearch_domain

access_policies

Type: STRING
Provider name: AccessPolicies
Description: IAM access policy as a JSON-formatted string.

account_id

Type: STRING

advanced_options

Type: MAP_STRING_STRING
Provider name: AdvancedOptions
Description: Specifies the status of the AdvancedOptions

advanced_security_options

Type: STRUCT
Provider name: AdvancedSecurityOptions
Description: The current status of the Elasticsearch domain’s advanced security options.

  • anonymous_auth_disable_date
    Type: TIMESTAMP
    Provider name: AnonymousAuthDisableDate
    Description: Specifies the Anonymous Auth Disable Date when Anonymous Auth is enabled.
  • anonymous_auth_enabled
    Type: BOOLEAN
    Provider name: AnonymousAuthEnabled
    Description: True if Anonymous auth is enabled. Anonymous auth can be enabled only when AdvancedSecurity is enabled on existing domains.
  • enabled
    Type: BOOLEAN
    Provider name: Enabled
    Description: True if advanced security is enabled.
  • internal_user_database_enabled
    Type: BOOLEAN
    Provider name: InternalUserDatabaseEnabled
    Description: True if the internal user database is enabled.
  • saml_options
    Type: STRUCT
    Provider name: SAMLOptions
    Description: Describes the SAML application configured for a domain.
    • enabled
      Type: BOOLEAN
      Provider name: Enabled
      Description: True if SAML is enabled.
    • idp
      Type: STRUCT
      Provider name: Idp
      Description: Describes the SAML Identity Provider’s information.
      • entity_id
        Type: STRING
        Provider name: EntityId
        Description: The unique Entity ID of the application in SAML Identity Provider.
      • metadata_content
        Type: STRING
        Provider name: MetadataContent
        Description: The Metadata of the SAML application in xml format.
    • roles_key
      Type: STRING
      Provider name: RolesKey
      Description: The key used for matching the SAML Roles attribute.
    • session_timeout_minutes
      Type: INT32
      Provider name: SessionTimeoutMinutes
      Description: The duration, in minutes, after which a user session becomes inactive.
    • subject_key
      Type: STRING
      Provider name: SubjectKey
      Description: The key used for matching the SAML Subject attribute.

arn

Type: STRING
Provider name: ARN
Description: The Amazon resource name (ARN) of an Elasticsearch domain. See Identifiers for IAM Entities in Using AWS Identity and Access Management for more information.

auto_tune_options

Type: STRUCT
Provider name: AutoTuneOptions
Description: The current status of the Elasticsearch domain’s Auto-Tune options.

  • error_message
    Type: STRING
    Provider name: ErrorMessage
    Description: Specifies the error message while enabling or disabling the Auto-Tune.
  • state
    Type: STRING
    Provider name: State
    Description: Specifies the AutoTuneState for the Elasticsearch domain.

change_progress_details

Type: STRUCT
Provider name: ChangeProgressDetails
Description: Specifies change details of the domain configuration change.

  • change_id
    Type: STRING
    Provider name: ChangeId
    Description: The unique change identifier associated with a specific domain configuration change.
  • config_change_status
    Type: STRING
    Provider name: ConfigChangeStatus
    Description: The current status of the configuration change.
  • initiated_by
    Type: STRING
    Provider name: InitiatedBy
    Description: The IAM principal who initiated the configuration change.
  • last_updated_time
    Type: TIMESTAMP
    Provider name: LastUpdatedTime
    Description: The last time that the configuration change was updated.
  • message
    Type: STRING
    Provider name: Message
    Description: Contains an optional message associated with the domain configuration change.
  • start_time
    Type: TIMESTAMP
    Provider name: StartTime
    Description: The time that the configuration change was initiated, in Universal Coordinated Time (UTC).

cognito_options

Type: STRUCT
Provider name: CognitoOptions
Description: The CognitoOptions for the specified domain. For more information, see Amazon Cognito Authentication for Kibana.

  • enabled
    Type: BOOLEAN
    Provider name: Enabled
    Description: Specifies the option to enable Cognito for Kibana authentication.
  • identity_pool_id
    Type: STRING
    Provider name: IdentityPoolId
    Description: Specifies the Cognito identity pool ID for Kibana authentication.
  • role_arn
    Type: STRING
    Provider name: RoleArn
    Description: Specifies the role ARN that provides Elasticsearch permissions for accessing Cognito resources.
  • user_pool_id
    Type: STRING
    Provider name: UserPoolId
    Description: Specifies the Cognito user pool ID for Kibana authentication.

created

Type: BOOLEAN
Provider name: Created
Description: The domain creation status. True if the creation of an Elasticsearch domain is complete. False if domain creation is still in progress.

deleted

Type: BOOLEAN
Provider name: Deleted
Description: The domain deletion status. True if a delete request has been received for the domain but resource cleanup is still in progress. False if the domain has not been deleted. Once domain deletion is complete, the status of the domain is no longer returned.

domain_endpoint_options

Type: STRUCT
Provider name: DomainEndpointOptions
Description: The current status of the Elasticsearch domain’s endpoint options.

  • custom_endpoint
    Type: STRING
    Provider name: CustomEndpoint
    Description: Specify the fully qualified domain for your custom endpoint.
  • custom_endpoint_certificate_arn
    Type: STRING
    Provider name: CustomEndpointCertificateArn
    Description: Specify ACM certificate ARN for your custom endpoint.
  • custom_endpoint_enabled
    Type: BOOLEAN
    Provider name: CustomEndpointEnabled
    Description: Specify if custom endpoint should be enabled for the Elasticsearch domain.
  • enforce_https
    Type: BOOLEAN
    Provider name: EnforceHTTPS
    Description: Specify if only HTTPS endpoint should be enabled for the Elasticsearch domain.
  • tls_security_policy
    Type: STRING
    Provider name: TLSSecurityPolicy
    Description: Specify the TLS security policy that needs to be applied to the HTTPS endpoint of Elasticsearch domain.
    It can be one of the following values:
    • Policy-Min-TLS-1-0-2019-07: TLS security policy that supports TLS version 1.0 to TLS version 1.2
    • Policy-Min-TLS-1-2-2019-07: TLS security policy that supports only TLS version 1.2
    • Policy-Min-TLS-1-2-PFS-2023-10: TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites

domain_id

Type: STRING
Provider name: DomainId
Description: The unique identifier for the specified Elasticsearch domain.

domain_name

Type: STRING
Provider name: DomainName
Description: The name of an Elasticsearch domain. Domain names are unique across the domains owned by an account within an AWS region. Domain names start with a letter or number and can contain the following characters: a-z (lowercase), 0-9, and - (hyphen).

domain_processing_status

Type: STRING
Provider name: DomainProcessingStatus
Description: The status of any changes that are currently in progress for the domain.

ebs_options

Type: STRUCT
Provider name: EBSOptions
Description: The EBSOptions for the specified domain. See Configuring EBS-based Storage for more information.

  • ebs_enabled
    Type: BOOLEAN
    Provider name: EBSEnabled
    Description: Specifies whether EBS-based storage is enabled.
  • iops
    Type: INT32
    Provider name: Iops
    Description: Specifies the IOPS for Provisioned IOPS And GP3 EBS volume (SSD).
  • throughput
    Type: INT32
    Provider name: Throughput
    Description: Specifies the Throughput for GP3 EBS volume (SSD).
  • volume_size
    Type: INT32
    Provider name: VolumeSize
    Description: Integer to specify the size of an EBS volume.
  • volume_type
    Type: STRING
    Provider name: VolumeType
    Description: Specifies the volume type for EBS-based storage.

elasticsearch_cluster_config

Type: STRUCT
Provider name: ElasticsearchClusterConfig
Description: The type and number of instances in the domain cluster.

  • cold_storage_options
    Type: STRUCT
    Provider name: ColdStorageOptions
    Description: Specifies the ColdStorageOptions config for Elasticsearch Domain
    • enabled
      Type: BOOLEAN
      Provider name: Enabled
      Description: Enable cold storage option. Accepted values true or false
  • dedicated_master_count
    Type: INT32
    Provider name: DedicatedMasterCount
    Description: Total number of dedicated master nodes, active and on standby, for the cluster.
  • dedicated_master_enabled
    Type: BOOLEAN
    Provider name: DedicatedMasterEnabled
    Description: A boolean value to indicate whether a dedicated master node is enabled. See About Dedicated Master Nodes for more information.
  • dedicated_master_type
    Type: STRING
    Provider name: DedicatedMasterType
    Description: The instance type for a dedicated master node.
  • instance_count
    Type: INT32
    Provider name: InstanceCount
    Description: The number of instances in the specified domain cluster.
  • instance_type
    Type: STRING
    Provider name: InstanceType
    Description: The instance type for an Elasticsearch cluster. UltraWarm instance types are not supported for data instances.
  • warm_count
    Type: INT32
    Provider name: WarmCount
    Description: The number of warm nodes in the cluster.
  • warm_enabled
    Type: BOOLEAN
    Provider name: WarmEnabled
    Description: True to enable warm storage.
  • warm_type
    Type: STRING
    Provider name: WarmType
    Description: The instance type for the Elasticsearch cluster’s warm nodes.
  • zone_awareness_config
    Type: STRUCT
    Provider name: ZoneAwarenessConfig
    Description: Specifies the zone awareness configuration for a domain when zone awareness is enabled.
    • availability_zone_count
      Type: INT32
      Provider name: AvailabilityZoneCount
      Description: An integer value to indicate the number of availability zones for a domain when zone awareness is enabled. This should be equal to number of subnets if VPC endpoints is enabled
  • zone_awareness_enabled
    Type: BOOLEAN
    Provider name: ZoneAwarenessEnabled
    Description: A boolean value to indicate whether zone awareness is enabled. See About Zone Awareness for more information.

elasticsearch_version

Type: STRING
Provider name: ElasticsearchVersion

encryption_at_rest_options

Type: STRUCT
Provider name: EncryptionAtRestOptions
Description: Specifies the status of the EncryptionAtRestOptions.

  • enabled
    Type: BOOLEAN
    Provider name: Enabled
    Description: Specifies the option to enable Encryption At Rest.
  • kms_key_id
    Type: STRING
    Provider name: KmsKeyId
    Description: Specifies the KMS Key ID for Encryption At Rest options.

endpoint

Type: STRING
Provider name: Endpoint
Description: The Elasticsearch domain endpoint that you use to submit index and search requests.

endpoints

Type: MAP_STRING_STRING
Provider name: Endpoints
Description: Map containing the Elasticsearch domain endpoints used to submit index and search requests. Example key, value: ‘vpc’,‘vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com’.

log_publishing_options

Type: STRING
Provider name: LogPublishingOptions
a Description: Log publishing options for the given domain.

modifying_properties

Type: UNORDERED_LIST_STRUCT
Provider name: ModifyingProperties
Description: Information about the domain properties that are currently being modified.

  • active_value
    Type: STRING
    Provider name: ActiveValue
    Description: The current value of the domain property that is being modified.
  • name
    Type: STRING
    Provider name: Name
    Description: The name of the property that is currently being modified.
  • pending_value
    Type: STRING
    Provider name: PendingValue
    Description: The value that the property that is currently being modified will eventually have.
  • value_type
    Type: STRING
    Provider name: ValueType
    Description: The type of value that is currently being modified. Properties can have two types:
    • PLAIN_TEXT: Contain direct values such as “1”, “True”, or “c5.large.search”.
    • STRINGIFIED_JSON: Contain content in JSON format, such as {“Enabled”:“True”}".

node_to_node_encryption_options

Type: STRUCT
Provider name: NodeToNodeEncryptionOptions
Description: Specifies the status of the NodeToNodeEncryptionOptions.

  • enabled
    Type: BOOLEAN
    Provider name: Enabled
    Description: Specify true to enable node-to-node encryption.

processing

Type: BOOLEAN
Provider name: Processing
Description: The status of the Elasticsearch domain configuration. True if Amazon Elasticsearch Service is processing configuration changes. False if the configuration is active.

service_software_options

Type: STRUCT
Provider name: ServiceSoftwareOptions
Description: The current status of the Elasticsearch domain’s service software.

  • automated_update_date
    Type: TIMESTAMP
    Provider name: AutomatedUpdateDate
    Description: Timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.
  • cancellable
    Type: BOOLEAN
    Provider name: Cancellable
    Description: True if you are able to cancel your service software version update. False if you are not able to cancel your service software version.
  • current_version
    Type: STRING
    Provider name: CurrentVersion
    Description: The current service software version that is present on the domain.
  • description
    Type: STRING
    Provider name: Description
    Description: The description of the UpdateStatus.
  • new_version
    Type: STRING
    Provider name: NewVersion
    Description: The new service software version if one is available.
  • optional_deployment
    Type: BOOLEAN
    Provider name: OptionalDeployment
    Description: True if a service software is never automatically updated. False if a service software is automatically updated after AutomatedUpdateDate.
  • update_available
    Type: BOOLEAN
    Provider name: UpdateAvailable
    Description: True if you are able to update you service software version. False if you are not able to update your service software version.
  • update_status
    Type: STRING
    Provider name: UpdateStatus
    Description: The status of your service software update. This field can take the following values: ELIGIBLE, PENDING_UPDATE, IN_PROGRESS, COMPLETED, and NOT_ELIGIBLE.

snapshot_options

Type: STRUCT
Provider name: SnapshotOptions
Description: Specifies the status of the SnapshotOptions

  • automated_snapshot_start_hour
    Type: INT32
    Provider name: AutomatedSnapshotStartHour
    Description: Specifies the time, in UTC format, when the service takes a daily automated snapshot of the specified Elasticsearch domain. Default value is 0 hours.

tags

Type: UNORDERED_LIST_STRING

upgrade_processing

Type: BOOLEAN
Provider name: UpgradeProcessing
Description: The status of an Elasticsearch domain version upgrade. True if Amazon Elasticsearch Service is undergoing a version upgrade. False if the configuration is active.

vpc_options

Type: STRUCT
Provider name: VPCOptions
Description: The VPCOptions for the specified domain. For more information, see VPC Endpoints for Amazon Elasticsearch Service Domains.

  • availability_zones
    Type: UNORDERED_LIST_STRING
    Provider name: AvailabilityZones
    Description: The availability zones for the Elasticsearch domain. Exists only if the domain was created with VPCOptions.
  • security_group_ids
    Type: UNORDERED_LIST_STRING
    Provider name: SecurityGroupIds
    Description: Specifies the security groups for VPC endpoint.
  • subnet_ids
    Type: UNORDERED_LIST_STRING
    Provider name: SubnetIds
    Description: Specifies the subnets for VPC endpoint.
  • vpc_id
    Type: STRING
    Provider name: VPCId
    Description: The VPC Id for the Elasticsearch domain. Exists only if the domain was created with VPCOptions.