OpenSearch Domain
This example shows a basic open search domain configuration.
OpenSearch resource
- Fully managed OpenSearch (Elastic) cluster.
Basic example
resources:myOpenSearchDomain:type: open-search-domainproperties:# OpenSearch version## - Explicitly specify open-search-domain version to lock it and prevent potential problems when default version changes.# - Currently, default version is `2.17` but this can change with later Stacktape releases.## - Type: enum: [1.0, 1.1, 1.2, 1.3, 2.11, 2.13, 2.15, 2.17, 2.3, 2.5, 2.7, 2.9]# - Required: false# - Allowed values: [1.0, 1.1, 1.2, 1.3, 2.11, 2.13, 2.15, 2.17, 2.3, 2.5, 2.7, 2.9]version: 1.0.0# Configuration of cluster instances## - Cluster config determines size, number and type of instances used in your OpenSearch domain cluster.# - If you do not specify `clusterConfig`, cluster will only contain single `m4.large.search` node.## - Type: object# - Required: falseclusterConfig:# Data node instance type## - Specify `instanceCount` together with `instanceType` to configure data nodes in your cluster.# - Data nodes handle data storage, indexing, and query processing in the cluster.# - For production setups, it's best to pair data nodes with dedicated master nodes to improve cluster stability.# - Check [AWS Docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) for the list of# supported instance types.## - Type: string# - Required: trueinstanceType: example-value# Number of data nodes in your cluster.## - Specify `instanceCount` together with `instanceType` to configure data nodes in your cluster.# - Data nodes handle data storage, indexing, and query processing in the cluster.# - For production setups, it's best to pair data nodes with dedicated master nodes to improve cluster stability.## - Type: number# - Required: trueinstanceCount: 100# Dedicated master node type## - Specify `dedicatedMasterCount` together with `dedicatedMasterType` if you wish to use dedicated master nodes in your cluster.# - Dedicated master nodes manage cluster state and coordinate node activities but do not store data or serve queries.# - Dedicated masters are recommended for clusters with 3+ nodes to improve stability and prevent split-brain scenarios.# - Master instance type must be appropriately sized based on the number of nodes and shards in the cluster ([see AWS guidelines](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html#dedicatedmasternodes-instance)).# - Number of masters should always be odd (3, 5, or 7) for quorum-based fault tolerance.# - Adds to cluster cost but improves reliability for larger or mission-critical setups.# - To check recommendations and best practices for dedicated master nodes, see [AWS Docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html).## - Type: string# - Required: falsededicatedMasterType: example-value# Dedicated master node count## - Specify `dedicatedMasterCount` together with `dedicatedMasterType` if you wish to use dedicated master nodes in your cluster.# - Dedicated master nodes manage cluster state and coordinate node activities but do not store data or serve queries.# - Dedicated masters are recommended for clusters with 3+ nodes to improve stability and prevent split-brain scenarios.# - Master instance type must be appropriately sized based on the number of nodes and shards in the cluster ([see AWS guidelines](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html#dedicatedmasternodes-instance)).# - Number of masters should always be odd (3, 5, or 7) for quorum-based fault tolerance.# - Adds to cluster cost but improves reliability for larger or mission-critical setups.# - To check recommendations and best practices for dedicated master nodes, see [AWS Docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html).## - Type: number# - Required: falsededicatedMasterCount: 100# Warm node type## - Specify `warmType` and `warmCount` properties if you wish to use UltraWarm storage instances for your cluster.# - Warm nodes store infrequently accessed or older data, optimizing costs for time-series or log data.# - Data on warm nodes remains searchable but with higher query latency compared to hot nodes.# - Use Case: Ideal for retaining historical data without impacting the performance of frequently accessed data.# - To learn more about UltraWarm storage and check prerequisites and best practices for dedicated master nodes, see [AWS Docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html).## - Type: string# - Required: falsewarmType: example-value# Warm node count## - Specify `warmType` and `warmCount` properties if you wish to use UltraWarm storage instances for your cluster.# - Warm nodes store infrequently accessed or older data, optimizing costs for time-series or log data.# - Data on warm nodes remains searchable but with higher query latency compared to hot nodes.# - Use Case: Ideal for retaining historical data without impacting the performance of frequently accessed data.# - To learn more about UltraWarm storage and check prerequisites and best practices for dedicated master nodes, see [AWS Docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html).## - Type: number# - Required: falsewarmCount: 100# Disables Multi Availability Zone (AZ) cluster## - By default Multi AZ awareness is enabled for any cluster with more than one node.# This means that OpenSearch Service allocates the nodes and replica index shards# across multiple AZs to prevent data loss and minimize downtime in the event of node or data center failure.# - Multi AZ awareness only takes effect for clusters with more than one data node.# - Setting `multiAzDisabled` to `true` and disabling zone awareness for your cluster is **not recommended**.# - To learn more about multi AZ cluster, see [AWS Docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html).## - Type: boolean# - Required: false# - Default: falsemultiAzDisabled: false# Enable Multi-AZ cluster with Standby## - When enabled, this option ensures high availability and consistent performance by enforcing several best practices such as:# - The nodes and data copies are distributed across three AZs with one of the AZs serving only as a backup.# This ensures that during failure, the standby AZ can jump in without causing re-balancing and availability issues.# - OpenSearch version 1.3 or above# - Auto-Tune enabled on the domain# - Three dedicated master nodes and data nodes# - Only GP3 or SSD-backed instances and a subset of instance types are currently supported.# - To learn more about Multi-AZ with Standby, see [AWS Docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html).## - Type: boolean# - Required: false# - Default: falsestandbyEnabled: false# Storage configuration## - Storage configuration only supported for instances supporting EBS storage (not with dedicated storage).# - Setting `iops` and `throughput` is only allowed for instances with `gp3` storage type (most new generation instances are `gp3`).## - Type: object# - Required: falsestorage:# Storage size## - The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume# type and the instance type to which it is attached.# - For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource)# in the Amazon OpenSearch Service Developer Guide.## - Type: number# - Required: truesize: 100# Provisioned IOPS (per data node)## - The number of I/O operations per second (IOPS) that the volume supports.# - Applies only to instances with **GP3** volume type.## - Type: number# - Required: false# - Default: 3000iops: 3000# Provisioned throughput (per data node)## - The throughput (in MiB/s) of the EBS volumes attached to data nodes.# - Applies only to instances with **GP3** volume type.## - Type: number# - Required: false# - Default: 125throughput: 125# Specify a name of the cognito user pool resource that you want OpenSearch Service to use for OpenSearch Dashboards authentication.## - Type: string# - Required: falseuserPool: example-value# Log collection configuration## - Stacktape will automatically create required log groups and policies for you.# - You can set custom retention period for the individual log types or disable log collection completely.# - To learn more about log collection, see [AWS Docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html).## - Type: object# - Required: falselogging:# Error logs## - Error logs can help with troubleshooting in many situations, including the following:# - Script compilation issues# - Invalid queries# - Indexing issues# - Snapshot failures# - Index State Management migration failures## - If you enable error logs, OpenSearch Service publishes log lines of `WARN`, `ERROR`, and `FATAL` to CloudWatch.# - OpenSearch Service also publishes several exceptions from the DEBUG level, see more [AWS docs](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html).## - Type: object# - Required: falseerrorLogs:# Disable log collection (enabled by default)### - Type: boolean# - Required: false# - Default: falsedisabled: false# Amount of days the logs will be retained in the log group### - Type: enum: [1, 120, 14, 150, 180, 1827, 3, 30, 365, 3653, 400, 5, 545, 60, 7, 731, 90]# - Required: false# - Default: 14# - Allowed values: [1, 120, 14, 150, 180, 1827, 3, 30, 365, 3653, 400, 5, 545, 60, 7, 731, 90]retentionDays: 14# Search slow logs## - Search Slow logs rely on thresholds which define what qualifies as a “slow” search.# - For example, you might decide that a query is slow if it takes more than 15 seconds to complete.# - For more information about slow logs and how to configure thresholds see [OpenSearch docs](https://opensearch.org/docs/latest/monitoring-your-cluster/logs/#slow-logs).## - Type: object# - Required: falsesearchSlowLogs:# Disable log collection (enabled by default)### - Type: boolean# - Required: false# - Default: falsedisabled: false# Amount of days the logs will be retained in the log group### - Type: enum: [1, 120, 14, 150, 180, 1827, 3, 30, 365, 3653, 400, 5, 545, 60, 7, 731, 90]# - Required: false# - Default: 14# - Allowed values: [1, 120, 14, 150, 180, 1827, 3, 30, 365, 3653, 400, 5, 545, 60, 7, 731, 90]retentionDays: 14# Indexing slow logs## - These logs rely on thresholds to define what qualifies as a “slow” indexing operation.# - For example, you might decide that a indexing operation is slow if it takes more than 15 seconds to complete.# - For more information about slow logs and how to configure thresholds see [OpenSearch docs](https://opensearch.org/docs/latest/monitoring-your-cluster/logs/#slow-logs).## - Type: object# - Required: falseindexSlowLogs:# Disable log collection (enabled by default)### - Type: boolean# - Required: false# - Default: falsedisabled: false# Amount of days the logs will be retained in the log group### - Type: enum: [1, 120, 14, 150, 180, 1827, 3, 30, 365, 3653, 400, 5, 545, 60, 7, 731, 90]# - Required: false# - Default: 14# - Allowed values: [1, 120, 14, 150, 180, 1827, 3, 30, 365, 3653, 400, 5, 545, 60, 7, 731, 90]retentionDays: 14# Configures the level of accessibility of the domain## - Use `accessibility` and `accessibilityMode` properties if you wish to restrict access to the domain.# - By default, the domain is accessible from anywhere on the internet (but still protected using IAM).# - You can further restrict this access by making domain available only to resources in your stack's VPC.## - Type: object# - Required: falseaccessibility:# Configures the accessibility mode for this domain## > Note that If you launch a new domain with accessibility mode set to `vpc` or `scoping-workloads-in-vpc`, you can't later switch it to mode `internet`.# > The reverse is also true: If you create a domain with accessibility mode `internet`,# > you can't later place it within a VPC. Instead, you must create a new domain and migrate your data.## The following modes are supported:# - **internet** - Least restrictive mode. The domain can be accessed from anywhere on the internet.# - **vpc** - The domain can be accessed only from resources within your VPC. This# means any [function](https://docs.stacktape.com/compute-resources/lambda-functions) (provided it has `joinDefaultVpc` set to true),# [batch job](https://docs.stacktape.com/compute-resources/batch-jobs),# [container workload](https://docs.stacktape.com/compute-resources/multi-container-workloads) or container service# within your stack can access the cluster (if it also has required credentials).# - **scoping-workloads-in-vpc** - similar to **vpc** mode, but even more restrictive. In addition to being in the same VPC, the resources of your stack# accessing the cluster must also have sufficient security group permissions (for functions, batch jobs and container services, these permissions# can be granted together with IAM permissions using `connectTo` in their configuration).## To learn more about VPCs, refer to [VPC Docs](https://docs.stacktape.com/user-guides/vpcs/).## - Type: enum: [internet, scoping-workloads-in-vpc, vpc]# - Required: true# - Default: internet# - Allowed values: [internet, scoping-workloads-in-vpc, vpc]accessibilityMode: vpc