stevewritescode / terraform-provider-elastic-stack Goto Github PK
View Code? Open in Web Editor NEWTerraform provider for the Elastic Stack
Terraform provider for the Elastic Stack
The elasticstack_auth_*
defines the following:
https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-user.html
resource 'elasticstack_auth_user' '<name>' {
metadata {
# variable key/value pair
}
email string
full_name string
password string
password_hash string
roles []string
}
Rules
password
, password_hash
. See description under password_hash
in see https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-user.html for more informationhttps://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-put-role.html
resource 'elasticstack_auth_role' '<name>' {
metadata {
# variable key/pair
}
cluster_privileges []string
run_as_privileges []string
index_privileges []{
indices []string
privileges []string
field_privileges {
granted_fields []string
denied_fields []string
}
granted_documents_query {
# variable key/value pair
}
}
kibana_privileges []{
grant_all {
spaces []string
}
grant_read {
spaces []string
}
grant_custom {
spaces []string
custom_feature_privileges []{
features []enum
grant enum
sub_feature_privileges {
short_url boolean
store_search_session boolean
}
}
}
}
}
Rules
kibana_privileges
, exactly one of the following must be defined: grant_all
, grant_read
, grant_custom
kibana_privileges.grant_custom.custom_feature_privileges.features
value enum's list: discover
, dashboard
, canvas
, maps
, machine-learning
, graph
, visualize-library
, logs
, metrics
, apm-and-users-experience
, uptime
, security
, dev-tools
, advanced-settings
, index-pattern-managegement
, saved-objects-management
, fleet
, actions-and-connectors
, stack-alerts
, stack-monitoring
kibana_privileges.grant_custom.custom_feature_privileges.grant
value enum's list: all
, read
, none
(discuss: should we explicitly add a none
or the absence implies none?)kibana_privileges.grant_custom.custom_feature_privileges.short_url
is only supported when the feature is one of: discover
, dashboard
, visualize-library
kibana_privileges.grant_custom.custom_feature_privileges.store_search_session
is only supported when the feature is one of: discover
, dashboard
resource 'elasticstack_auth_role_mapping' '<name>' {
roles []string
rules []string {
user_field enum
type enum
text_value string
number_value number
boolean_value boolean
}
}
Rules:
rules.user_field
value enum's list: username
, dn
, groups
, realm.name
rules.type
value enum's list: text
, number
, is-null
, boolean
rules
, at most one of: text_value
, number_value
or boolean_value
depending if type
is text
, number
or boolean
. In case type
is is-null
then no *_value
field can be definedhttps://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-create-api-key.html
resource 'elasticstack_auth_apikey' '<name>' {
expiration string
role_descriptors {
# key/value pair "role_name" -> "role_def" see definition of `Role`
}
}
A few important aspects of data management are buried down in index settings. I propose we review those settings and pull it to the root of the resource definition for better UX.
This is not an exhaustive and there should be more to define:
lifecycle_policy
: index.lifecycle.name
ingest_pipeline { default, final }
: index.default_pipeline
, index.final_pipeline
resource 'elasticstack_fleet_agent_policy' '<name>' {
description string
namespace string
agent_monitoring {
collect_logs boolean
collect_metrics boolean
}
}
resource 'elasticstack_fleet_enrollment_key' '<name>' {
policy_id string
}
resource elasticstack_fleet_integration_<type>' '<name>' {
policy_id string
description string
namespace string
}
system
, 'endpoint_security`resource 'elasticstack_fleet_integration_system` '<name>' {
logs {
auth {
paths []string
}
syslog {
paths []string
}
windows {
application boolean
security boolean
system boolean
}
}
metrics {
cpu {
period string
metrics []string
}
diskio {
period string
include_devices []string
}
filesystem {
period string
processors []{
# variable key/value pair - This is the processors chain definition as in a regular Beat, so we should be able to represent this is a JSON then serialize it as YAML string.
}
}
fsstat {
period string
processors []{
# see filesystem.processors above
}
}
load {
period string
}
memory {
period string
}
network {
period string
}
process {
period string
include_top_n {
by_cpu integer
by_memory integer
}
cmdline_cache boolean
cgroup_reporting boolean
env_whitelist string
include_cpu_ticks boolean
processes []string
}
process_summary {
period string
}
socket_summary {
period string
}
uptime {
period string
}
}
}
resource 'elasticstack_fleet_integration_elastic_endpoint_security' '<name>' {
protections {
malware {
level string
notify_user boolean
custom_user_notification_message string
}
ransomware {
level string
notify_user boolean
custom_user_notification_message string
}
}
settings {
register_as_windows_antivirus boolean
event_collection []{
target_operating_systems []string
events []string
}
extended []{
key string
value string
}
}
}
Rules:
(malware|ransomware).level
, the following values are supported: detect
, prevent
settings.event_collection.target_operating_systems
, the following values are supported: mac
, linux
, windows
settings.event_collectio.events
, the following values are supported on a per target OS basis:
mac
, linux
and windows
:
file
process
network
windows
:
dll_and_driver_load
dns
registry
security
The elasticstack_data_*
defines the following:
https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-put-template.html
resource 'elasticstack_data_index_template' '<name>' {
index_patterns []string
priority integer
version integer
metadata {
# variable key/value pair
}
composed_of []string
data_stream {
hidden boolean
}
template {
settings {
# variable key/value pair - Should we force the usage of flat settings?
}
aliases {
# key/value pair "alias_name" -> "alias_def" see https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-aliases.html
}
mappings {
# see https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-put-mapping.html
}
}
}
resource 'elasticstack_data_component_template' '<name>' {
# defines only "template" field from Index Template
}
https://www.elastic.co/guide/en/elasticsearch/reference/current/ilm-put-lifecycle.html
resource 'elasticstack_data_index_lifecycle_policy' '<name>' {
hot_phase {
keep_data_forever boolean
set_read_only boolean
index_priority integer
force_merge {
number_of_segments integer
}
shrink {
number_of_primary_shards integer
}
rollover {
max_index_size string
max_documents integer
max_age string
}
searchable_snapshot {
repository_name string
}
}
warm_phase {
move_data_into_phase_when string
keep_data_forever boolean
set_read_only boolean
index_priority integer
replicas {
number_of_replicas integer
}
force_merge {
number_of_segments integer
}
shrink {
number_of_primary_shards integer
}
data_allocation {
custom {
# variable key/value pair
}
}
}
cold_phase {
move_data_into_phase_when string
keep_data_forever boolean
set_read_only boolean
index_priority integer
freeze_index boolean
replicas {
number_of_replicas integer
}
force_merge {
number_of_segments integer
}
data_allocation {
custom {
# variable key/value pair
}
}
searchable_snapshot {
repository_name string
}
}
}
https://www.elastic.co/guide/en/elasticsearch/reference/current/snapshots-register-repository.html
resource 'elasticstack_data_snapshot_repository' '<name>' {
type string
settings {
# variable key/value pair
}
}
The following defines the elasticstack
provider schema:
provider 'elasticstack' {
cloud_id string
auth {
basic {
username string
password string
}
apikey string
}
endpoint {
elasticsearch string
kibana string
}
}
Rules:
cloud_id
, endpoint
.auth
, exactly one of the following must be defined: basic
, apikey
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.