W3cubDocs

/Terraform

aws_elasticsearch_domain_policy

Allows setting policy to an ElasticSearch domain while referencing domain attributes (e.g. ARN)

Example Usage

resource "aws_elasticsearch_domain" "example" {
  domain_name           = "tf-test"
  elasticsearch_version = "2.3"
}

resource "aws_elasticsearch_domain_policy" "main" {
  domain_name = "${aws_elasticsearch_domain.example.domain_name}"

  access_policies = <<POLICIES
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "es:*",
            "Principal": "*",
            "Effect": "Allow",
            "Condition": {
                "IpAddress": {"aws:SourceIp": "127.0.0.1/32"}
            },
            "Resource": "${aws_elasticsearch_domain.example.arn}/*"
        }
    ]
}
POLICIES
}

Argument Reference

The following arguments are supported:

  • domain_name - (Required) Name of the domain.
  • access_policies - (Optional) IAM policy document specifying the access policies for the domain

© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/aws/r/elasticsearch_domain_policy.html