Upgrade the TF module minimal to Terraform 0.12+

Author: timoa

minimal/README.md

@@ -0,0 +1,31 @@
+# Terraform Elasticsearch Single Node on AWS
+
+Example of the creation of an AWS Elasticsearch single node with Terraform
+
+## Includes
+
+- Create an AWS Elasticsearch Service instance (managed by AWS)
+- Deploy the Elasticsearch instance under your default VPC
+- Encryption with a KMS custom key (let you manage the usage of the KMS key)
+- Accessible only from your office/home public IP
+
+## Improvements
+
+This project is just a minimal example of how to deploy an AWS Elasticsearch service instance with a single node with the minimum of security.
+
+This Terraform module can also be improved by adding this changes:
+
+- Support for multiple environments (distinct name and tags between environment)
+- Support for Route 53 (by adding an alias to an existing Route 53 zone)
+
+```bash
+module "es-single-node" {
+  source = "git::https://github.com/timoa/terraform-elastic-single-node/minimal"
+
+  name                      = "es-single-node-example"
+
+  # Need to be greater than t2 since it doesn't support encryption
+  instance_type             = "m4.large.elasticsearch"
+
+}
+```

minimal/main.tf

@@ -17,25 +17,25 @@ module "security" {
   source = "./modules/security"
 
   # Tags
-  tags = "${var.tags}"
+  tags = var.tags
 }
 
 module "elasticsearch" {
   source = "./modules/elasticsearch"
 
   # Global
-  aws_region = "${var.aws_region}"
+  aws_region = var.aws_region
 
   # Security
-  my_public_ip          = "${var.my_public_ip}"
-  encryption_kms_key_id = "${module.security.elasticsearch_kms_key_id}"
+  my_public_ip          = var.my_public_ip
+  encryption_kms_key_id = module.security.elasticsearch_kms_key_id
 
   # Elasticsearch
-  domain_name           = "${var.domain_name}"
-  elasticsearch_version = "${var.elasticsearch_version}"
-  instance_type         = "${var.instance_type}"
-  volume_size           = "${var.volume_size}"
+  domain_name           = var.domain_name
+  elasticsearch_version = var.elasticsearch_version
+  instance_type         = var.instance_type
+  volume_size           = var.volume_size
 
   # Tags
-  tags = "${var.tags}"
+  tags = var.tags
 }

minimal/modules/elasticsearch/main.tf

@@ -5,20 +5,20 @@ data "aws_caller_identity" "current" {}
 
 resource "aws_elasticsearch_domain" "elasticsearch" {
   # Name of the Elasticsearch cluster (domain)
-  domain_name = "${var.domain_name}"
+  domain_name = var.domain_name
 
   # Elasticsearch version (last supported by AWS is 6.3)
-  elasticsearch_version = "${var.elasticsearch_version}"
+  elasticsearch_version = var.elasticsearch_version
 
   # Encryption of the Elasticsearch instance volume with a KMS CMK
   encrypt_at_rest {
     enabled    = "true"
-    kms_key_id = "${var.encryption_kms_key_id}"
+    kms_key_id = var.encryption_kms_key_id
   }
 
   cluster_config {
     # Instance type of the data node in the cluster
-    instance_type = "${var.instance_type}"
+    instance_type = var.instance_type
 
     # Number of instances in the cluster (single node = 1)
     instance_count = "1"
@@ -53,15 +53,15 @@ resource "aws_elasticsearch_domain" "elasticsearch" {
   }
   POLICY
 
-  advanced_options {
+  advanced_options = {
     "rest.action.multi.allow_explicit_index" = "true"
     "indices.query.bool.max_clause_count"    = "1024"
   }
 
   ebs_options {
     ebs_enabled = true
     volume_type = "gp2"
-    volume_size = "${var.volume_size}"
+    volume_size = var.volume_size
   }
 
   snapshot_options {
@@ -70,8 +70,8 @@ resource "aws_elasticsearch_domain" "elasticsearch" {
   }
 
   # Tags
-  tags = "${merge(var.tags, map(
+  tags = merge(var.tags, map(
     "Name", "elasticsearch-es",
-    "Domain", "${var.domain_name}"
-  ))}"
+    "Domain", var.domain_name
+  ))
 }

minimal/modules/elasticsearch/outputs.tf

@@ -1,19 +1,19 @@
 output "elasticsearch_endpoint" {
   description = "Domain-specific endpoint used to submit index, search, and data upload requests"
-  value       = "${aws_elasticsearch_domain.elasticsearch.endpoint}"
+  value       = aws_elasticsearch_domain.elasticsearch.endpoint
 }
 
 output "elasticsearch_arn" {
   description = "Amazon Resource Name (ARN) of the domain"
-  value       = "${aws_elasticsearch_domain.elasticsearch.arn}"
+  value       = aws_elasticsearch_domain.elasticsearch.arn
 }
 
 output "elasticsearch_domain_id" {
   description = "Unique identifier for the domain"
-  value       = "${aws_elasticsearch_domain.elasticsearch.domain_id}"
+  value       = aws_elasticsearch_domain.elasticsearch.domain_id
 }
 
 output "elasticsearch_kibana_endpoint" {
   description = "Domain-specific endpoint for kibana without https scheme"
-  value       = "${aws_elasticsearch_domain.elasticsearch.kibana_endpoint}"
+  value       = aws_elasticsearch_domain.elasticsearch.kibana_endpoint
 }

minimal/modules/security/main.tf

@@ -2,12 +2,12 @@ resource "aws_kms_key" "elasticsearch_kms_key" {
   description = "KMS key used to encrypt the Elasticsearch volume"
 
   # Tags
-  tags = "${merge(var.tags, map(
+  tags = merge(var.tags, map(
     "Name", "elasticsearch-kms"
-  ))}"
+  ))
 }
 
 resource "aws_kms_alias" "key" {
   name          = "alias/elasticsearch-kms"
-  target_key_id = "${aws_kms_key.elasticsearch_kms_key.key_id}"
+  target_key_id = aws_kms_key.elasticsearch_kms_key.key_id
 }

minimal/modules/security/outputs.tf

@@ -1,4 +1,4 @@
 output "elasticsearch_kms_key_id" {
   description = "Elasticsearch KMS Key ID"
-  value       = "${aws_kms_key.elasticsearch_kms_key.key_id}"
+  value       = aws_kms_key.elasticsearch_kms_key.key_id
 }

minimal/outputs.tf

@@ -1,9 +1,9 @@
 output "elasticsearch_endpoint" {
   description = "Elasticsearch public endpoint"
-  value       = "${module.elasticsearch.elasticsearch_endpoint}"
+  value       = module.elasticsearch.elasticsearch_endpoint
 }
 
 output "elasticsearch_kibana_endpoint" {
   description = "Elasticsearch Kibana public endpoint"
-  value       = "${module.elasticsearch.elasticsearch_kibana_endpoint}"
+  value       = module.elasticsearch.elasticsearch_kibana_endpoint
 }

minimal/provider.tf

@@ -1,4 +1,12 @@
 provider "aws" {
-  region  = "${var.aws_region}"
-  version = "~> 1.55"
+  region  = var.aws_region
+  version = "~> 2.7"
+}
+
+provider "template" {
+  version = "~> 2.1"
+}
+
+provider "null" {
+  version = "~> 2.1"
 }

minimal/variables.tf

@@ -22,7 +22,7 @@ variable "domain_name" {
 }
 
 variable "elasticsearch_version" {
-  default     = "6.3"
+  default     = "6.8"
   description = "Elastic Search Service cluster version number."
   type        = "string"
 }