--- title: Getting Started with Datadog description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > Infrastructure > Datadog Resource Catalog --- # aws_elasticsearch_domain{% #aws_elasticsearch_domain %} ## `access_policies`{% #access_policies %} **Type**: `STRING`**Provider name**: `AccessPolicies`**Description**: IAM access policy as a JSON-formatted string. ## `account_id`{% #account_id %} **Type**: `STRING` ## `advanced_options`{% #advanced_options %} **Type**: `MAP_STRING_STRING`**Provider name**: `AdvancedOptions`**Description**: Specifies the status of the `AdvancedOptions` ## `advanced_security_options`{% #advanced_security_options %} **Type**: `STRUCT`**Provider name**: `AdvancedSecurityOptions`**Description**: The current status of the Elasticsearch domain's advanced security options. - `anonymous_auth_disable_date`**Type**: `TIMESTAMP`**Provider name**: `AnonymousAuthDisableDate`**Description**: Specifies the Anonymous Auth Disable Date when Anonymous Auth is enabled. - `anonymous_auth_enabled`**Type**: `BOOLEAN`**Provider name**: `AnonymousAuthEnabled`**Description**: True if Anonymous auth is enabled. Anonymous auth can be enabled only when AdvancedSecurity is enabled on existing domains. - `enabled`**Type**: `BOOLEAN`**Provider name**: `Enabled`**Description**: True if advanced security is enabled. - `internal_user_database_enabled`**Type**: `BOOLEAN`**Provider name**: `InternalUserDatabaseEnabled`**Description**: True if the internal user database is enabled. - `saml_options`**Type**: `STRUCT`**Provider name**: `SAMLOptions`**Description**: Describes the SAML application configured for a domain. - `enabled`**Type**: `BOOLEAN`**Provider name**: `Enabled`**Description**: True if SAML is enabled. - `idp`**Type**: `STRUCT`**Provider name**: `Idp`**Description**: Describes the SAML Identity Provider's information. - `entity_id`**Type**: `STRING`**Provider name**: `EntityId`**Description**: The unique Entity ID of the application in SAML Identity Provider. - `metadata_content`**Type**: `STRING`**Provider name**: `MetadataContent`**Description**: The Metadata of the SAML application in xml format. - `roles_key`**Type**: `STRING`**Provider name**: `RolesKey`**Description**: The key used for matching the SAML Roles attribute. - `session_timeout_minutes`**Type**: `INT32`**Provider name**: `SessionTimeoutMinutes`**Description**: The duration, in minutes, after which a user session becomes inactive. - `subject_key`**Type**: `STRING`**Provider name**: `SubjectKey`**Description**: The key used for matching the SAML Subject attribute. ## `arn`{% #arn %} **Type**: `STRING`**Provider name**: `ARN`**Description**: The Amazon resource name (ARN) of an Elasticsearch domain. See Identifiers for IAM Entities in Using AWS Identity and Access Management for more information. ## `auto_tune_options`{% #auto_tune_options %} **Type**: `STRUCT`**Provider name**: `AutoTuneOptions`**Description**: The current status of the Elasticsearch domain's Auto-Tune options. - `error_message`**Type**: `STRING`**Provider name**: `ErrorMessage`**Description**: Specifies the error message while enabling or disabling the Auto-Tune. - `state`**Type**: `STRING`**Provider name**: `State`**Description**: Specifies the `AutoTuneState` for the Elasticsearch domain. ## `change_progress_details`{% #change_progress_details %} **Type**: `STRUCT`**Provider name**: `ChangeProgressDetails`**Description**: Specifies change details of the domain configuration change. - `change_id`**Type**: `STRING`**Provider name**: `ChangeId`**Description**: The unique change identifier associated with a specific domain configuration change. - `config_change_status`**Type**: `STRING`**Provider name**: `ConfigChangeStatus`**Description**: The current status of the configuration change. - `initiated_by`**Type**: `STRING`**Provider name**: `InitiatedBy`**Description**: The IAM principal who initiated the configuration change. - `last_updated_time`**Type**: `TIMESTAMP`**Provider name**: `LastUpdatedTime`**Description**: The last time that the configuration change was updated. - `message`**Type**: `STRING`**Provider name**: `Message`**Description**: Contains an optional message associated with the domain configuration change. - `start_time`**Type**: `TIMESTAMP`**Provider name**: `StartTime`**Description**: The time that the configuration change was initiated, in Universal Coordinated Time (UTC). ## `cognito_options`{% #cognito_options %} **Type**: `STRUCT`**Provider name**: `CognitoOptions`**Description**: The `CognitoOptions` for the specified domain. For more information, see Amazon Cognito Authentication for Kibana. - `enabled`**Type**: `BOOLEAN`**Provider name**: `Enabled`**Description**: Specifies the option to enable Cognito for Kibana authentication. - `identity_pool_id`**Type**: `STRING`**Provider name**: `IdentityPoolId`**Description**: Specifies the Cognito identity pool ID for Kibana authentication. - `role_arn`**Type**: `STRING`**Provider name**: `RoleArn`**Description**: Specifies the role ARN that provides Elasticsearch permissions for accessing Cognito resources. - `user_pool_id`**Type**: `STRING`**Provider name**: `UserPoolId`**Description**: Specifies the Cognito user pool ID for Kibana authentication. ## `created`{% #created %} **Type**: `BOOLEAN`**Provider name**: `Created`**Description**: The domain creation status. `True` if the creation of an Elasticsearch domain is complete. `False` if domain creation is still in progress. ## `deleted`{% #deleted %} **Type**: `BOOLEAN`**Provider name**: `Deleted`**Description**: The domain deletion status. `True` if a delete request has been received for the domain but resource cleanup is still in progress. `False` if the domain has not been deleted. Once domain deletion is complete, the status of the domain is no longer returned. ## `domain_endpoint_options`{% #domain_endpoint_options %} **Type**: `STRUCT`**Provider name**: `DomainEndpointOptions`**Description**: The current status of the Elasticsearch domain's endpoint options. - `custom_endpoint`**Type**: `STRING`**Provider name**: `CustomEndpoint`**Description**: Specify the fully qualified domain for your custom endpoint. - `custom_endpoint_certificate_arn`**Type**: `STRING`**Provider name**: `CustomEndpointCertificateArn`**Description**: Specify ACM certificate ARN for your custom endpoint. - `custom_endpoint_enabled`**Type**: `BOOLEAN`**Provider name**: `CustomEndpointEnabled`**Description**: Specify if custom endpoint should be enabled for the Elasticsearch domain. - `enforce_https`**Type**: `BOOLEAN`**Provider name**: `EnforceHTTPS`**Description**: Specify if only HTTPS endpoint should be enabled for the Elasticsearch domain. - `tls_security_policy`**Type**: `STRING`**Provider name**: `TLSSecurityPolicy`**Description**: Specify the TLS security policy that needs to be applied to the HTTPS endpoint of Elasticsearch domain.It can be one of the following values: - Policy-Min-TLS-1-0-2019-07: TLS security policy that supports TLS version 1.0 to TLS version 1.2 - Policy-Min-TLS-1-2-2019-07: TLS security policy that supports only TLS version 1.2 - Policy-Min-TLS-1-2-PFS-2023-10: TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites ## `domain_id`{% #domain_id %} **Type**: `STRING`**Provider name**: `DomainId`**Description**: The unique identifier for the specified Elasticsearch domain. ## `domain_name`{% #domain_name %} **Type**: `STRING`**Provider name**: `DomainName`**Description**: The name of an Elasticsearch domain. Domain names are unique across the domains owned by an account within an AWS region. Domain names start with a letter or number and can contain the following characters: a-z (lowercase), 0-9, and - (hyphen). ## `domain_processing_status`{% #domain_processing_status %} **Type**: `STRING`**Provider name**: `DomainProcessingStatus`**Description**: The status of any changes that are currently in progress for the domain. ## `ebs_options`{% #ebs_options %} **Type**: `STRUCT`**Provider name**: `EBSOptions`**Description**: The `EBSOptions` for the specified domain. See Configuring EBS-based Storage for more information. - `ebs_enabled`**Type**: `BOOLEAN`**Provider name**: `EBSEnabled`**Description**: Specifies whether EBS-based storage is enabled. - `iops`**Type**: `INT32`**Provider name**: `Iops`**Description**: Specifies the IOPS for Provisioned IOPS And GP3 EBS volume (SSD). - `throughput`**Type**: `INT32`**Provider name**: `Throughput`**Description**: Specifies the Throughput for GP3 EBS volume (SSD). - `volume_size`**Type**: `INT32`**Provider name**: `VolumeSize`**Description**: Integer to specify the size of an EBS volume. - `volume_type`**Type**: `STRING`**Provider name**: `VolumeType`**Description**: Specifies the volume type for EBS-based storage. ## `elasticsearch_cluster_config`{% #elasticsearch_cluster_config %} **Type**: `STRUCT`**Provider name**: `ElasticsearchClusterConfig`**Description**: The type and number of instances in the domain cluster. - `cold_storage_options`**Type**: `STRUCT`**Provider name**: `ColdStorageOptions`**Description**: Specifies the `ColdStorageOptions` config for Elasticsearch Domain - `enabled`**Type**: `BOOLEAN`**Provider name**: `Enabled`**Description**: Enable cold storage option. Accepted values true or false - `dedicated_master_count`**Type**: `INT32`**Provider name**: `DedicatedMasterCount`**Description**: Total number of dedicated master nodes, active and on standby, for the cluster. - `dedicated_master_enabled`**Type**: `BOOLEAN`**Provider name**: `DedicatedMasterEnabled`**Description**: A boolean value to indicate whether a dedicated master node is enabled. See About Dedicated Master Nodes for more information. - `dedicated_master_type`**Type**: `STRING`**Provider name**: `DedicatedMasterType`**Description**: The instance type for a dedicated master node. - `instance_count`**Type**: `INT32`**Provider name**: `InstanceCount`**Description**: The number of instances in the specified domain cluster. - `instance_type`**Type**: `STRING`**Provider name**: `InstanceType`**Description**: The instance type for an Elasticsearch cluster. UltraWarm instance types are not supported for data instances. - `warm_count`**Type**: `INT32`**Provider name**: `WarmCount`**Description**: The number of warm nodes in the cluster. - `warm_enabled`**Type**: `BOOLEAN`**Provider name**: `WarmEnabled`**Description**: True to enable warm storage. - `warm_type`**Type**: `STRING`**Provider name**: `WarmType`**Description**: The instance type for the Elasticsearch cluster's warm nodes. - `zone_awareness_config`**Type**: `STRUCT`**Provider name**: `ZoneAwarenessConfig`**Description**: Specifies the zone awareness configuration for a domain when zone awareness is enabled. - `availability_zone_count`**Type**: `INT32`**Provider name**: `AvailabilityZoneCount`**Description**: An integer value to indicate the number of availability zones for a domain when zone awareness is enabled. This should be equal to number of subnets if VPC endpoints is enabled - `zone_awareness_enabled`**Type**: `BOOLEAN`**Provider name**: `ZoneAwarenessEnabled`**Description**: A boolean value to indicate whether zone awareness is enabled. See About Zone Awareness for more information. ## `elasticsearch_version`{% #elasticsearch_version %} **Type**: `STRING`**Provider name**: `ElasticsearchVersion` ## `encryption_at_rest_options`{% #encryption_at_rest_options %} **Type**: `STRUCT`**Provider name**: `EncryptionAtRestOptions`**Description**: Specifies the status of the `EncryptionAtRestOptions`. - `enabled`**Type**: `BOOLEAN`**Provider name**: `Enabled`**Description**: Specifies the option to enable Encryption At Rest. - `kms_key_id`**Type**: `STRING`**Provider name**: `KmsKeyId`**Description**: Specifies the KMS Key ID for Encryption At Rest options. ## `endpoint`{% #endpoint %} **Type**: `STRING`**Provider name**: `Endpoint`**Description**: The Elasticsearch domain endpoint that you use to submit index and search requests. ## `endpoints`{% #endpoints %} **Type**: `MAP_STRING_STRING`**Provider name**: `Endpoints`**Description**: Map containing the Elasticsearch domain endpoints used to submit index and search requests. Example `key, value`: `'vpc','vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com'`. ## `log_publishing_options`{% #log_publishing_options %} **Type**: `STRING`**Provider name**: `LogPublishingOptions`**Description**: Log publishing options for the given domain. ## `modifying_properties`{% #modifying_properties %} **Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `ModifyingProperties`**Description**: Information about the domain properties that are currently being modified. - `active_value`**Type**: `STRING`**Provider name**: `ActiveValue`**Description**: The current value of the domain property that is being modified. - `name`**Type**: `STRING`**Provider name**: `Name`**Description**: The name of the property that is currently being modified. - `pending_value`**Type**: `STRING`**Provider name**: `PendingValue`**Description**: The value that the property that is currently being modified will eventually have. - `value_type`**Type**: `STRING`**Provider name**: `ValueType`**Description**: The type of value that is currently being modified. Properties can have two types: - PLAIN_TEXT: Contain direct values such as "1", "True", or "c5.large.search". - STRINGIFIED_JSON: Contain content in JSON format, such as {"Enabled":"True"}". ## `node_to_node_encryption_options`{% #node_to_node_encryption_options %} **Type**: `STRUCT`**Provider name**: `NodeToNodeEncryptionOptions`**Description**: Specifies the status of the `NodeToNodeEncryptionOptions`. - `enabled`**Type**: `BOOLEAN`**Provider name**: `Enabled`**Description**: Specify true to enable node-to-node encryption. ## `policies`{% #policies %} **Type**: `UNORDERED_LIST_STRUCT` - `account_id`**Type**: `STRING` - `condition`**Type**: `MAP_STRING_STRING` - `policy_id`**Type**: `STRING` - `policy_not_principal`**Type**: `STRUCT` - `policy_id`**Type**: `STRING` - `principal`**Type**: `STRING` - `principal_aws`**Type**: `UNORDERED_LIST_STRING` - `principal_canonical_user`**Type**: `UNORDERED_LIST_STRING` - `principal_federated`**Type**: `UNORDERED_LIST_STRING` - `principal_service`**Type**: `UNORDERED_LIST_STRING` - `policy_principal`**Type**: `STRUCT` - `policy_id`**Type**: `STRING` - `principal`**Type**: `STRING` - `principal_aws`**Type**: `UNORDERED_LIST_STRING` - `principal_canonical_user`**Type**: `UNORDERED_LIST_STRING` - `principal_federated`**Type**: `UNORDERED_LIST_STRING` - `principal_service`**Type**: `UNORDERED_LIST_STRING` - `principal_aws`**Type**: `UNORDERED_LIST_STRING` - `statement_action`**Type**: `UNORDERED_LIST_STRING` - `statement_effect`**Type**: `STRING` - `statement_has_condition`**Type**: `BOOLEAN` - `statement_id`**Type**: `INT32` - `statement_not_action`**Type**: `UNORDERED_LIST_STRING` - `statement_not_resource`**Type**: `UNORDERED_LIST_STRING` - `statement_resource`**Type**: `UNORDERED_LIST_STRING` - `statement_sid`**Type**: `STRING` - `version_id`**Type**: `STRING` ## `processing`{% #processing %} **Type**: `BOOLEAN`**Provider name**: `Processing`**Description**: The status of the Elasticsearch domain configuration. `True` if Amazon Elasticsearch Service is processing configuration changes. `False` if the configuration is active. ## `service_software_options`{% #service_software_options %} **Type**: `STRUCT`**Provider name**: `ServiceSoftwareOptions`**Description**: The current status of the Elasticsearch domain's service software. - `automated_update_date`**Type**: `TIMESTAMP`**Provider name**: `AutomatedUpdateDate`**Description**: Timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software. - `cancellable`**Type**: `BOOLEAN`**Provider name**: `Cancellable`**Description**: `True` if you are able to cancel your service software version update. `False` if you are not able to cancel your service software version. - `current_version`**Type**: `STRING`**Provider name**: `CurrentVersion`**Description**: The current service software version that is present on the domain. - `description`**Type**: `STRING`**Provider name**: `Description`**Description**: The description of the `UpdateStatus`. - `new_version`**Type**: `STRING`**Provider name**: `NewVersion`**Description**: The new service software version if one is available. - `optional_deployment`**Type**: `BOOLEAN`**Provider name**: `OptionalDeployment`**Description**: `True` if a service software is never automatically updated. `False` if a service software is automatically updated after `AutomatedUpdateDate`. - `update_available`**Type**: `BOOLEAN`**Provider name**: `UpdateAvailable`**Description**: `True` if you are able to update you service software version. `False` if you are not able to update your service software version. - `update_status`**Type**: `STRING`**Provider name**: `UpdateStatus`**Description**: The status of your service software update. This field can take the following values: `ELIGIBLE`, `PENDING_UPDATE`, `IN_PROGRESS`, `COMPLETED`, and `NOT_ELIGIBLE`. ## `snapshot_options`{% #snapshot_options %} **Type**: `STRUCT`**Provider name**: `SnapshotOptions`**Description**: Specifies the status of the `SnapshotOptions` - `automated_snapshot_start_hour`**Type**: `INT32`**Provider name**: `AutomatedSnapshotStartHour`**Description**: Specifies the time, in UTC format, when the service takes a daily automated snapshot of the specified Elasticsearch domain. Default value is `0` hours. ## `tags`{% #tags %} **Type**: `UNORDERED_LIST_STRING` ## `upgrade_processing`{% #upgrade_processing %} **Type**: `BOOLEAN`**Provider name**: `UpgradeProcessing`**Description**: The status of an Elasticsearch domain version upgrade. `True` if Amazon Elasticsearch Service is undergoing a version upgrade. `False` if the configuration is active. ## `vpc_options`{% #vpc_options %} **Type**: `STRUCT`**Provider name**: `VPCOptions`**Description**: The `VPCOptions` for the specified domain. For more information, see VPC Endpoints for Amazon Elasticsearch Service Domains. - `availability_zones`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `AvailabilityZones`**Description**: The availability zones for the Elasticsearch domain. Exists only if the domain was created with VPCOptions. - `security_group_ids`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `SecurityGroupIds`**Description**: Specifies the security groups for VPC endpoint. - `subnet_ids`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `SubnetIds`**Description**: Specifies the subnets for VPC endpoint. - `vpc_id`**Type**: `STRING`**Provider name**: `VPCId`**Description**: The VPC Id for the Elasticsearch domain. Exists only if the domain was created with VPCOptions.