Link Search Menu Expand Document



The Provose elasticsearch_clusters creates Elasticsearch clusters on the Amazon Elasticsearch Service.


Running a single node of Elasticsearch 7.1

module "myproject" {
  source = ""
  provose_config = {
    authentication = {
      aws = {
        region = "us-east-1"
    name                 = "myproject"
    internal_root_domain = ""
    internal_subdomain   = "production"
  elasticsearch_clusters = {
    # This creates one Elasticsearch cluster named `ecsluster`
    escluster = {
      engine_version = "7.1"
      instances = {
        instance_type           = "t2.small.elasticsearch"
        instance_count          = 1
        storage_per_instance_gb = 20


  • engine_versionRequired. The version of Elasticsearch to deploy, like "7.4". You can find the currently-available versions of Elasticsearch on the AWS website here.

  • instancesRequired. Settings for the instances running Elasticsearch.

    • instance_typeRequired. The Elasticsearch-specific instance type, such as "t2.small.elasticsearch". You can find a list of supported instance types on the AWS Elasticsearch service pricing page.

    • instance_countRequired. The number of instances to deploy for the Elasticsearch cluster.

    • storage_per_instance_gbRequired. The amount of storage to provision–in gigabytes–for each instance in the cluster.


  • elasticsearch_clusters.aws_security_group.elasticsearch – The AWS security group used to govern access to the Elasticsearch cluster.

  • elasticsearch_clusters.aws_elasticsearch_domain.elasticsearch – The aws_elasticsearch_domain object that defines the Elasticsearch cluster.

  • elasticsearch_clusters.aws_lb_listener_rule.elasticsearch – The listener rule for the AWS Application Load Balancer (ALB) that redirects DNS names to the cluster. This is for the VPC-only ALB that Provose provisions.

  • elasticsearch_clusters.aws_route53_record.elasticsearch – The Route 53 DNS record that gives a friendly DNS name to the Elasticsearch cluster.

  • elasticsearch_clusters.aws_route53_record.es_kibana – The Route 53 DNS record that gives a friendly DNS name to the Kibana endpoint.

Implementation details

How DNS works for Provose Elasticsearch clusters

The Amazon Elasticsearch service creates long and hard-to-remember names for clusters and their associated Kibana dashboards.

Provose sets up an internal Application Load Balancer to map an easy-to-remember DNS name name to the cluster. This DNS name, load balancer, Elasticsearch cluster, and Kibana dashboard is not available on the public Internet. For security reasons, they are all only available within the VPC that Provose creates for Elasticsearch cluster.

The internal Application Load Balance redirects requests to the Elasticsearch cluster or Kibana dashboard via an HTTP 301 redirect. Some Elasticsearch clients–such as the one Logstash uses–will treat the HTTP 301 code as an error as opposed to following the redirect. For these clients, you will need to use the DNS name for the Elasticsearch cluster or the Kibana dashboard set by AWS.

The differences between Amazon Elasticsearch Service and’s Elasticsearch

Elasticsearch is an open-source search engine and database that is primarily maintained by the company Elastic NV.

Elastic has created various proprietary add-ons for Elasticsearch. These are generally not available on the AWS Elasticsearch Service. However, Amazon has developed many equivalent features and released them under the Apache 2.0 license as the Open Distro for Elasticsearch.

If the Open Distro does not fit your needs and you want to use Elastic’s proprietary features, Provose’s elasticsearch_clusters module will not be able to fulfill your needs.