My Saved Presets
You must be logged in to view saved presets

Loading Library ...

Enabling Fine-Grained Access Control on OpenSearch

Demonstrates the configuration of an OpenSearch domain with and without fine-grained access control.

example

aws_opensearch_domain


advanced_security_options
master_user_options



auto_tune_options
maintenance_schedule

duration

cluster_config
cold_storage_options


zone_awareness_config
cognito_options



domain_endpoint_options



ebs_options


encrypt_at_rest

log_publishing_options

node_to_node_encryption
snapshot_options
software_update_options
vpc_options

security_group_ids

subnet_ids

off_peak_window_options
off_peak_window
window_start_time

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



Terraform Template

resource "aws_opensearch_domain" "example" {

  advanced_security_options {
    anonymous_auth_enabled = true
    enabled = false
    internal_user_database_enabled = true

    master_user_options {
      master_user_name = "example"
      master_user_password = "Barbarbarbar1!"
    }
  }

  cluster_config {
    instance_type = "r5.large.search"
  }

  domain_endpoint_options {
    enforce_https = true
    tls_security_policy = "Policy-Min-TLS-1-2-2019-07"
  }
  domain_name = "ggkitty"

  ebs_options {
    ebs_enabled = true
    volume_size = 10
  }

  encrypt_at_rest {
    enabled = true
  }
  engine_version = "Elasticsearch_7.1"

  node_to_node_encryption {
    enabled = true
  }
}

© 2024 asecurecloud. All rights reserved.