Configures an OpenSearch domain with a custom access policy using IAM policy documents.

Terraform Template

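# Name of the OpenSearch domain. The same value is interpolated into the
# access-policy resource ARN, so the policy and the domain stay in step.
variable "domain" {
  description = "Name of the OpenSearch domain; also used to build the access-policy resource ARN."
  type        = string
  default     = "tf-test"
}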

# Identity of the calling credentials; its account_id is used to build the
# domain ARN in the access policy.
data "aws_caller_identity" "current" {}

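# Resource-based access policy for the domain. It allows every es:* action on
# the domain's sub-resources to any caller whose request arrives from the one
# listed source address.
#
# Security notes for anyone adapting this example:
# - The principal is the anonymous wildcard, so the aws:SourceIp condition is
#   the only access control. Requests from that address are accepted without
#   SigV4 signing, and anyone sharing the address (NAT, proxy, VPN egress)
#   gets the same access. Prefer named IAM principals where clients can sign.
# - es:* is broader than most clients need; consider narrowing it to the
#   specific es:ESHttp* verbs in use.
# - The CIDR below is a sample value; replace it with an address you control
#   and keep the prefix as narrow as possible.
# - aws:SourceIp conditions only make sense for public-endpoint domains; they
#   cannot be used to restrict a domain placed inside a VPC.
data "aws_iam_policy_document" "example" {
  statement {
    effect  = "Allow"
    actions = ["es:*"]

    # Wildcard principal: both values must be quoted strings to be valid HCL.
    principals {
      type        = "*"
      identifiers = ["*"]
    }

    # Limits the statement to paths under this account's domain in the
    # current region.
    resources = ["arn:aws:es:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:domain/${var.domain}/*"]

    # Sole restriction on the anonymous principal above.
    condition {
      test     = "IpAddress"
      variable = "aws:SourceIp"
      values   = ["66.193.100.22/32"]
    }
  }
}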

# Region the provider is configured for; its name is used to build the domain
# ARN in the access policy.
data "aws_region" "current" {}

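# The OpenSearch domain, with the policy document above attached as its
# resource-based access policy.
#
# NOTE(review): this minimal example does not set encrypt_at_rest,
# node_to_node_encryption or domain_endpoint_options (enforce_https /
# tls_security_policy). Set them explicitly before using this outside a test.
resource "aws_opensearch_domain" "example" {
  # Reference the variable itself. The quoted form "var.domain" is a literal
  # string, which would name the domain differently from the ARN the access
  # policy is scoped to.
  domain_name     = var.domain
  access_policies = data.aws_iam_policy_document.example.json
}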