Terraform Level-1 , Task 23: Open Search Setup Using Terraform

suryaeshwaran · June 14, 2025, 9:10am

Hi Team,

Mentioned task has been completed.

Validation Failed with the exception: Resources have not been created using ‘terraform’.

Find the creation outputs:

aws opensearch describe-domain --domain-name xfusion-es

{
“DomainStatus”: {
“DomainId”: “000000000000/xfusion-es”,
“DomainName”: “xfusion-es”,
“ARN”: “arn:aws:es:us-east-1:000000000000:domain/xfusion-es”,
“Created”: true,
“Deleted”: false,
“Endpoint”: “xfusion-es.us-east-1.opensearch.localhost.localstack.cloud:4566”,
“Processing”: false,
“UpgradeProcessing”: false,
“EngineVersion”: “OpenSearch_1.3”,
“ClusterConfig”: {
“InstanceType”: “m3.medium.search”,
“InstanceCount”: 1,
“DedicatedMasterEnabled”: true,
“ZoneAwarenessEnabled”: false,
“DedicatedMasterType”: “m3.medium.search”,
“DedicatedMasterCount”: 1,
“WarmEnabled”: false,
“ColdStorageOptions”: {
“Enabled”: false
}
},
“EBSOptions”: {
“EBSEnabled”: true,
“VolumeType”: “gp2”,
“VolumeSize”: 10,
“Iops”: 0
},
“AccessPolicies”: “”,
“SnapshotOptions”: {
“AutomatedSnapshotStartHour”: 0
},
“CognitoOptions”: {
“Enabled”: false
},
“EncryptionAtRestOptions”: {
“Enabled”: false
},
“NodeToNodeEncryptionOptions”: {
“Enabled”: false
},
“AdvancedOptions”: {
“override_main_response_version”: “false”,
“rest.action.multi.allow_explicit_index”: “true”
},
“ServiceSoftwareOptions”: {
“CurrentVersion”: “”,
“NewVersion”: “”,
“UpdateAvailable”: false,
“Cancellable”: false,
“UpdateStatus”: “COMPLETED”,
“Description”: “There is no software update available for this domain.”,
“AutomatedUpdateDate”: 0.0,
“OptionalDeployment”: true
},
“DomainEndpointOptions”: {
“EnforceHTTPS”: false,
“TLSSecurityPolicy”: “Policy-Min-TLS-1-0-2019-07”,
“CustomEndpointEnabled”: false
},
“AdvancedSecurityOptions”: {
“Enabled”: false,
“InternalUserDatabaseEnabled”: false
},
“AutoTuneOptions”: {
“State”: “ENABLE_IN_PROGRESS”
}
}
}

raymond.baoly · June 16, 2025, 9:28am

Hi @suryaeshwaran,

It is a valid issue, I’ve forwareded to the team and will keep you update.

suryaeshwaran · June 26, 2025, 4:41am

Hi Team,

Please update.

Tej-Singh-Rana · June 26, 2025, 7:48am

Hi @suryaeshwaran ,

The team updated this. Can you please try again and share feedback? Make sure there are no pending changes in terraform plan before submitting the task.

Regards,

suryaeshwaran · July 3, 2025, 6:14am

Hi @Tej-Singh-Rana

Find the terraform manifest used to create the resource.

resource “aws_opensearch_domain” “xfusion_es” {
domain_name = “xfusion-es”

#engine_version = “OpenSearch_1.3” # You can update this to a newer supported version
engine_version = “Elasticsearch_7.10”

cluster_config {
instance_type = “t3.small.search”
instance_count = 1
zone_awareness_enabled = false
}

ebs_options {
ebs_enabled = true
volume_size = 10
volume_type = “gp2”
}

access_policies = jsonencode({
Version = “2012-10-17”
Statement = [
{
Effect = “Allow”
Principal = “"
Action = "es:”
Resource = “arn:aws:es:us-east-1:000000000000:domain/xfusion-es/*”
}
]
})

advanced_options = {
“rest.action.multi.allow_explicit_index” = “true”
}

tags = {
Name = “xfusion-es”
Environment = “dev”
}
}

The resource is created after 10 minutes.
After that I simply waiting for nearly 40 minutes before submit for validation, find the status before submit.

| DescribeDomain |
±------------------------------------------------------------------------------------+
|| DomainStatus ||
|±-------------------±-------------------------------------------------------------+|
|| ARN | arn:aws:es:us-east-1:000000000000:domain/xfusion-es ||
|| AccessPolicies | ||
|| Created | True ||
|| Deleted | False ||
|| DomainId | 000000000000/xfusion-es ||
|| DomainName | xfusion-es ||
|| Endpoint | xfusion-es.us-east-1.es.localhost.localstack.cloud:4566 ||
|| EngineVersion | Elasticsearch_7.10 ||
|| Processing | False ||
|| UpgradeProcessing | False ||
|±-------------------±-------------------------------------------------------------+|
||| AdvancedOptions |||
||±-----------------------------------------------------------------±-------------+||
||| override_main_response_version | false |||
||| rest.action.multi.allow_explicit_index | true |||
||±-----------------------------------------------------------------±-------------+||
||| AdvancedSecurityOptions |||
||±-------------------------------------------------------------±-----------------+||
||| Enabled | False |||
||| InternalUserDatabaseEnabled | False |||
||±-------------------------------------------------------------±-----------------+||
||| AutoTuneOptions |||
||±---------------------±---------------------------------------------------------+||
||| State | ENABLE_IN_PROGRESS |||
||±---------------------±---------------------------------------------------------+||
||| ClusterConfig |||
||±--------------------------------------------±----------------------------------+||
||| DedicatedMasterCount | 1 |||
||| DedicatedMasterEnabled | True |||
||| DedicatedMasterType | m3.medium.search |||
||| InstanceCount | 1 |||
||| InstanceType | m3.medium.search |||
||| WarmEnabled | False |||
||| ZoneAwarenessEnabled | False |||
||±--------------------------------------------±----------------------------------+||
|||| ColdStorageOptions ||||
|||±------------------------------------------±----------------------------------+|||
|||| Enabled | False ||||
|||±------------------------------------------±----------------------------------+|||
||| CognitoOptions |||
||±-------------------------------------------±-----------------------------------+||
||| Enabled | False |||
||±-------------------------------------------±-----------------------------------+||
||| DomainEndpointOptions |||
||±-----------------------------------±-------------------------------------------+||
||| CustomEndpointEnabled | False |||
||| EnforceHTTPS | False |||
||| TLSSecurityPolicy | Policy-Min-TLS-1-0-2019-07 |||
||±-----------------------------------±-------------------------------------------+||
||| EBSOptions |||
||±--------------------------------------------------±----------------------------+||
||| EBSEnabled | True |||
||| Iops | 0 |||
||| VolumeSize | 10 |||
||| VolumeType | gp2 |||
||±--------------------------------------------------±----------------------------+||
||| EncryptionAtRestOptions |||
||±-------------------------------------------±-----------------------------------+||
||| Enabled | False |||
||±-------------------------------------------±-----------------------------------+||
||| NodeToNodeEncryptionOptions |||
||±-------------------------------------------±-----------------------------------+||
||| Enabled | False |||
||±-------------------------------------------±-----------------------------------+||
||| ServiceSoftwareOptions |||
||±---------------------±---------------------------------------------------------+||
||| AutomatedUpdateDate | 0.0 |||
||| Cancellable | False |||
||| CurrentVersion | |||
||| Description | There is no software update available for this domain. |||
||| NewVersion | |||
||| OptionalDeployment | True |||
||| UpdateAvailable | False |||
||| UpdateStatus | COMPLETED |||
||±---------------------±---------------------------------------------------------+||
||| SnapshotOptions |||
||±--------------------------------------------------------------------±----------+||
||| AutomatedSnapshotStartHour | 0 |||
||±--------------------------------------------------------------------±----------+||

Still it show the message : Terraform plan is still showing pending changes, some of the resources may not have been created as expected.

Tej-Singh-Rana · July 3, 2025, 6:24am

HI @suryaeshwaran ,

Could you please use backticks to format the code and output clearly? It’s a bit hard to read as it is. Thank you!!!

Example:

provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-0c94855ba95c71c99" # Amazon Linux 2 (check for your region)
  instance_type = "t2.micro"

  tags = {
    Name = "MyExampleInstance"
  }
}

suryaeshwaran · July 3, 2025, 7:14am

Ok

main.tf

resource "aws_opensearch_domain" "xfusion_es" {
  domain_name = "xfusion-es"

  engine_version = "Elasticsearch_7.10"

  cluster_config {
    instance_type = "t3.small.search"
    instance_count = 1
    zone_awareness_enabled = false
  }

  ebs_options {
    ebs_enabled = true
    volume_size = 10
    volume_type = "gp2"
  }

  access_policies = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect    = "Allow"
        Principal = "*"
        Action    = "es:*"
        Resource  = "arn:aws:es:us-east-1:000000000000:domain/xfusion-es/*"
      }
    ]
  })

  advanced_options = {
    "rest.action.multi.allow_explicit_index" = "true"
  }

  tags = {
    Name = "xfusion-es"
    Environment = "dev"
  }
}

Output: aws opensearch describe-domain --domain-name xfusion-es --output table

---------------------------------------------------------------------------------------
|                                   DescribeDomain                                    |
+-------------------------------------------------------------------------------------+
||                                   DomainStatus                                    ||
|+--------------------+--------------------------------------------------------------+|
||  ARN               |  arn:aws:es:us-east-1:000000000000:domain/xfusion-es         ||
||  AccessPolicies    |                                                              ||
||  Created           |  True                                                        ||
||  Deleted           |  False                                                       ||
||  DomainId          |  000000000000/xfusion-es                                     ||
||  DomainName        |  xfusion-es                                                  ||
||  Endpoint          |  xfusion-es.us-east-1.es.localhost.localstack.cloud:4566     ||
||  EngineVersion     |  Elasticsearch_7.10                                          ||
||  Processing        |  False                                                       ||
||  UpgradeProcessing |  False                                                       ||
|+--------------------+--------------------------------------------------------------+|
|||                                 AdvancedOptions                                 |||
||+------------------------------------------------------------------+--------------+||
|||  override_main_response_version                                  |  false       |||
|||  rest.action.multi.allow_explicit_index                          |  true        |||
||+------------------------------------------------------------------+--------------+||
|||                             AdvancedSecurityOptions                             |||
||+--------------------------------------------------------------+------------------+||
|||  Enabled                                                     |  False           |||
|||  InternalUserDatabaseEnabled                                 |  False           |||
||+--------------------------------------------------------------+------------------+||
|||                                 AutoTuneOptions                                 |||
||+----------------------+----------------------------------------------------------+||
|||  State               |  ENABLE_IN_PROGRESS                                      |||
||+----------------------+----------------------------------------------------------+||
|||                                  ClusterConfig                                  |||
||+---------------------------------------------+-----------------------------------+||
|||  DedicatedMasterCount                       |  1                                |||
|||  DedicatedMasterEnabled                     |  True                             |||
|||  DedicatedMasterType                        |  m3.medium.search                 |||
|||  InstanceCount                              |  1                                |||
|||  InstanceType                               |  m3.medium.search                 |||
|||  WarmEnabled                                |  False                            |||
|||  ZoneAwarenessEnabled                       |  False                            |||
||+---------------------------------------------+-----------------------------------+||
||||                              ColdStorageOptions                               ||||
|||+-------------------------------------------+-----------------------------------+|||
||||  Enabled                                  |  False                            ||||
|||+-------------------------------------------+-----------------------------------+|||
|||                                 CognitoOptions                                  |||
||+--------------------------------------------+------------------------------------+||
|||  Enabled                                   |  False                             |||
||+--------------------------------------------+------------------------------------+||
|||                              DomainEndpointOptions                              |||
||+------------------------------------+--------------------------------------------+||
|||  CustomEndpointEnabled             |  False                                     |||
|||  EnforceHTTPS                      |  False                                     |||
|||  TLSSecurityPolicy                 |  Policy-Min-TLS-1-0-2019-07                |||
||+------------------------------------+--------------------------------------------+||
|||                                   EBSOptions                                    |||
||+---------------------------------------------------+-----------------------------+||
|||  EBSEnabled                                       |  True                       |||
|||  Iops                                             |  0                          |||
|||  VolumeSize                                       |  10                         |||
|||  VolumeType                                       |  gp2                        |||
||+---------------------------------------------------+-----------------------------+||
|||                             EncryptionAtRestOptions                             |||
||+--------------------------------------------+------------------------------------+||
|||  Enabled                                   |  False                             |||
||+--------------------------------------------+------------------------------------+||
|||                           NodeToNodeEncryptionOptions                           |||
||+--------------------------------------------+------------------------------------+||
|||  Enabled                                   |  False                             |||
||+--------------------------------------------+------------------------------------+||
|||                             ServiceSoftwareOptions                              |||
||+----------------------+----------------------------------------------------------+||
|||  AutomatedUpdateDate |  0.0                                                     |||
|||  Cancellable         |  False                                                   |||
|||  CurrentVersion      |                                                          |||
|||  Description         |  There is no software update available for this domain.  |||
|||  NewVersion          |                                                          |||
|||  OptionalDeployment  |  True                                                    |||
|||  UpdateAvailable     |  False                                                   |||
|||  UpdateStatus        |  COMPLETED                                               |||
||+----------------------+----------------------------------------------------------+||
|||                                 SnapshotOptions                                 |||
||+---------------------------------------------------------------------+-----------+||
|||  AutomatedSnapshotStartHour                                         |  0        |||
||+---------------------------------------------------------------------+-----------+||

raymond.baoly · July 3, 2025, 3:35pm

Hi @suryaeshwaran,

I used your main.tf file and completed the task successfully. Please check note number 3 in the task or you can see it in the screenshot below.

suryaeshwaran · July 3, 2025, 4:12pm

Hi @raymond.baoly

Now i am able to complete the Task, Thanks.