Merge pull request #21 from egarbi/Improves_testing_case

egarbi · web-flow · commit 2328d90c6aca · 2019-11-04T14:46:37.000+01:00
Improves/Update testing case
diff --git a/README.md b/README.md
@@ -4,12 +4,16 @@ AWS Elasticsearch Service Terraform Module
 Usage:
 
 ```hcl
+data "aws_region" "current" {}
+
+data "aws_caller_identity" "current" {}
+
 module "es-cluster" {
   source = "git::https://github.com/egarbi/terraform-aws-es-cluster"
 
   name                      = "example"
   vpc_id                    = "vpc-xxxxx"
-  subnet_ids                = [ "subnet-one","subnet-two"]
+  subnet_ids                = [ "subnet-one" ]
   zone_id                   = "ZA863HSKDDD9"
   itype                     = "m4.large.elasticsearch"
   ingress_allow_cidr_blocks = [ "10.20.0.0/16", "10.22.0.0/16" ]
@@ -21,9 +25,7 @@ module "es-cluster" {
             "Action": "es:*",
             "Principal": "*",
             "Effect": "Allow",
-            "Condition": {
-                "IpAddress": {"aws:SourceIp": ["66.193.100.22/32"]}
-            }
+            "Resource": "arn:aws:es:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:domain/example/*"
         }
     ]
 }
diff --git a/example/main.tf b/example/main.tf
@@ -21,15 +21,21 @@ data "aws_route53_zone" "selected" {
   name         = "qndesign.studio"
 }
 
+data "aws_region" "current" {}
+
+data "aws_caller_identity" "current" {}
+
 module "es-cluster" {
   source = "../"
 
   name                      = "example"
   vpc_id                    = "${data.aws_vpc.default.id}"
-  subnet_ids                = "${tolist(data.aws_subnet_ids.default.ids)}" 
+  subnet_ids                = [ "${data.aws_subnet.default.0.id}", "${data.aws_subnet.default.1.id}" ]
   zone_id                   = "${data.aws_route53_zone.selected.zone_id}"
   itype                     = "m4.large.elasticsearch"
-  ingress_allow_cidr_blocks = "${tolist(data.aws_subnet.default.*.cidr_block)}"
+  icount                    = 2
+  zone_awareness            = true
+  ingress_allow_cidr_blocks = [ "${data.aws_vpc.default.cidr_block}" ]
   access_policies           = <<CONFIG
 {   
     "Version": "2012-10-17",
@@ -38,9 +44,7 @@ module "es-cluster" {
             "Action": "es:*",
             "Principal": "*",
             "Effect": "Allow",
-            "Condition": {
-                "IpAddress": {"aws:SourceIp": ["156.114.160.31/32"]}
-            }
+            "Resource": "arn:aws:es:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:domain/example/*"
         }
     ]
 }
