Skip to main content

Elasticsearch


Resource Icon

Resource Overview

Amazon Elasticsearch Service (Amazon ES) is a distributed search and analytics engine designed for fast search and data analysis. Built on top of the Apache Lucene search engine, Elasticsearch is a fast, scalable open-source solution. It is widely used for data collection, log analysis, and monitoring. Amazon Elasticsearch Service can run within an Amazon VPC and integrates seamlessly with AWS services like Lambda and Kinesis. It also offers robust security and access control features provided by AWS, and integrates with Amazon CloudWatch for monitoring and logging capabilities.

Associated Resources

Parent Resources

Connected Resources

Resource Setting Values

  • elasticsearch_version: Elasticsearch Domain Version
  • availability_zone_count: The count of availability zone - 2, 3.
  • tls_security_policy: Name of the TLS security policy that needs to be applied to the HTTPS endpoint - Policy-Min-TLS-1-2-2019-07, Policy-Min-TLS-1-0-2019-07.
  • data_node
    • instance_type: Instance type of data nodes in the cluster
    • instance_count: Number of instances in the cluster - 1~80.
    • ebs_enabled: Whether EBS volumes are attached to data nodes in the domain - true, false.
    • ebs_volume_type: Type of EBS volumes attached to data nodes - standard, gp2, io1.
    • ebs_volume_size: Size of EBS volumes attached to data nodes (in GiB) - 1~16384.
  • master_node
    • master_node_enabled: Enable main nodes in the cluster - true, false.
    • master_instance_type: Instance type of the dedicated main nodes in the cluster - r5.large.search.
    • master_node_count: Number of dedicated main nodes in the cluster - 3, 5.
  • custom_endpoint
    • custom_endpoint_enabled: Enable user custom endpoint - true, false.
  • network
    • network_type: The type of network access - vpc_access, public_access.
    • included_subnet_names: List of VPC Subnet IDs for the Elasticsearch domain endpoints to be created in
    • security_group_names: List of VPC Security Group IDs to be applied to the Elasticsearch domain endpoints
  • fine_grained_access
    • fine_grained_access_enabled: Enable fine grained access - true, false.
    • master_user_type: The type of master user - iam_arn, master_user.
    • iam_arn: IAM ARN for the Master user
  • encryption
    • enforce_https: Whether or not to require HTTPS - true, false.
    • node_to_node_encryption_enabled: Whether to enable node-to-node encryption - true, false.
    • data_at_rest_encryption_enabled: Whether to enable encryption at rest - true, false.
  • kms_key_name: The name of KMS key for encryption at rest

Reference Materials