yandex_mdb_opensearch_cluster (Resource)
Written by
Updated at October 30, 2025
- Example Usage
- Schema
- Required
- Optional
- Read-Only
- Nested Schema for auth_settings
- Nested Schema for auth_settings.saml
- Nested Schema for config
- Nested Schema for config.access
- Nested Schema for config.dashboards
- Nested Schema for config.dashboards.node_groups
- Nested Schema for config.dashboards.node_groups.resources
- Nested Schema for config.opensearch
- Nested Schema for config.opensearch.node_groups
- Nested Schema for config.opensearch.node_groups.disk_size_autoscaling
- Nested Schema for config.opensearch.node_groups.resources
- Nested Schema for maintenance_window
- Nested Schema for timeouts
- Nested Schema for hosts
- Import
Manages a OpenSearch cluster within the Yandex Cloud. For more information, see the official documentation.
Example Usage
//
// Create a new MDB OpenSearch Cluster.
//
resource "yandex_mdb_opensearch_cluster" "my_cluster" {
name = "test"
environment = "PRESTABLE"
network_id = yandex_vpc_network.foo.id
config {
admin_password = "super-password"
opensearch {
node_groups {
name = "group0"
assign_public_ip = true
hosts_count = 1
subnet_ids = ["${yandex_vpc_subnet.foo.id}"]
zone_ids = ["ru-central1-d"]
roles = ["data", "manager"]
resources {
resource_preset_id = "s2.micro"
disk_size = 10737418240
disk_type_id = "network-ssd"
}
}
}
}
maintenance_window {
type = "ANYTIME"
}
}
// Auxiliary resources
resource "yandex_vpc_network" "foo" {}
resource "yandex_vpc_subnet" "foo" {
zone = "ru-central1-d"
network_id = yandex_vpc_network.foo.id
v4_cidr_blocks = ["10.5.0.0/24"]
}
Example of creating a high available OpenSearch Cluster.
//
// Create a new MDB OpenSearch Cluster.
//
locals {
zones = ["ru-central1-a", "ru-central1-b", "ru-central1-d"]
}
resource "yandex_mdb_opensearch_cluster" "my_cluster" {
name = "my-cluster"
environment = "PRODUCTION"
network_id = yandex_vpc_network.es-net.id
config {
admin_password = "super-password"
opensearch {
node_groups {
name = "hot_group0"
assign_public_ip = true
hosts_count = 2
zone_ids = local.zones
roles = ["data"]
resources {
resource_preset_id = "s2.small"
disk_size = 10737418240
disk_type_id = "network-ssd"
}
}
node_groups {
name = "cold_group0"
assign_public_ip = true
hosts_count = 2
zone_ids = local.zones
roles = ["data"]
resources {
resource_preset_id = "s2.micro"
disk_size = 10737418240
disk_type_id = "network-hdd"
}
}
node_groups {
name = "managers_group"
assign_public_ip = true
hosts_count = 3
zone_ids = local.zones
roles = ["manager"]
resources {
resource_preset_id = "s2.micro"
disk_size = 10737418240
disk_type_id = "network-ssd"
}
}
plugins = ["analysis-icu"]
}
dashboards {
node_groups {
name = "dashboards"
assign_public_ip = true
hosts_count = 1
zone_ids = local.zones
resources {
resource_preset_id = "s2.micro"
disk_size = 10737418240
disk_type_id = "network-ssd"
}
}
}
}
auth_settings = {
saml = {
idp_entity_id = "urn:dev.auth0.example.com"
idp_metadata_file_content = "<EntityDescriptor entityID=\"https://test_identity_provider.example.com\"></EntityDescriptor>"
sp_entity_id = "https://test.example.com",
dashboards_url = "https://dashboards.example.com"
}
}
depends_on = [
yandex_vpc_subnet.es-subnet-a,
yandex_vpc_subnet.es-subnet-b,
yandex_vpc_subnet.es-subnet-d,
]
}
// Auxiliary resources
resource "yandex_vpc_network" "es-net" {}
resource "yandex_vpc_subnet" "es-subnet-a" {
zone = "ru-central1-a"
network_id = yandex_vpc_network.es-net.id
v4_cidr_blocks = ["10.1.0.0/24"]
}
resource "yandex_vpc_subnet" "es-subnet-b" {
zone = "ru-central1-b"
network_id = yandex_vpc_network.es-net.id
v4_cidr_blocks = ["10.2.0.0/24"]
}
resource "yandex_vpc_subnet" "es-subnet-d" {
zone = "ru-central1-d"
network_id = yandex_vpc_network.es-net.id
v4_cidr_blocks = ["10.3.0.0/24"]
}
Schema
Required
name(String) Name of the OpenSearch cluster. The name must be unique within the folder.network_id(String) TheVPC Network IDof subnets which resource attached to.
Optional
auth_settings(Attributes) Authentication settings for Dashboards. (see below for nested schema)cluster_id(String) The ID of the OpenSearch cluster that the resource belongs to.config(Block, Optional) Configuration of the OpenSearch cluster. (see below for nested schema)deletion_protection(Boolean) Thetruevalue means that resource is protected from accidental deletion.description(String) The resource description.disk_encryption_key_id(String) ID of the KMS key for cluster disk encryption.environment(String) Deployment environment of the OpenSearch cluster. Can be eitherPRESTABLEorPRODUCTION. Default:PRODUCTION. It is not possible to change this value after cluster creation.folder_id(String) The folder identifier that resource belongs to. If it is not provided, the default providerfolder-idis used.labels(Map of String) A set of key/value label pairs which assigned to resource.maintenance_window(Block, Optional) (see below for nested schema)security_group_ids(Set of String) The list of security groups applied to resource or their components.service_account_id(String) ID of the service account authorized for this cluster.timeouts(Block, Optional) (see below for nested schema)
Read-Only
created_at(String) The creation timestamp of the resource.health(String) Aggregated health of the cluster. Can be eitherALIVE,DEGRADED,DEADorHEALTH_UNKNOWN. For more information seehealthfield of JSON representation in the official documentation.hosts(Attributes List) A hosts of the OpenSearch cluster. (see below for nested schema)id(String) The resource identifier.status(String) Status of the cluster. Can be eitherCREATING,STARTING,RUNNING,UPDATING,STOPPING,STOPPED,ERRORorSTATUS_UNKNOWN. For more information seestatusfield of JSON representation in the official documentation.
Nested Schema for auth_settings
Optional:
saml(Attributes) SAML authentication options. (see below for nested schema)
Nested Schema for auth_settings.saml
Required:
dashboards_url(String) Dashboards URL.enabled(Boolean) Enables SAML authentication.idp_entity_id(String) ID of the SAML Identity Provider.idp_metadata_file_content(String) Metadata file content of the SAML Identity Provider. You can either put file content manually or usefilefunctionsp_entity_id(String) Service provider entity ID.
Optional:
roles_key(String) Roles key.subject_key(String) Subject key.
Nested Schema for config
Required:
admin_password(String, Sensitive) Password for admin user of OpenSearch.
Optional:
access(Block, Optional) Enable access to the Yandex Cloud services. (see below for nested schema)dashboards(Block, Optional) Configuration for Dashboards node groups. (see below for nested schema)opensearch(Block, Optional) Configuration for OpenSearch node groups. (see below for nested schema)version(String) Version of OpenSearch.
Nested Schema for config.access
Optional:
data_transfer(Boolean) Enable access to the Data Transfer service.serverless(Boolean) Enable access to the Cloud Functions service.
Nested Schema for config.dashboards
Optional:
node_groups(Block List) (see below for nested schema)
Nested Schema for config.dashboards.node_groups
Required:
hosts_count(Number) Number of hosts in this node group.name(String) Name of OpenSearch node group.zone_ids(Set of String) A set of availability zones where hosts of node group may be allocated.
Optional:
assign_public_ip(Boolean) Sets whether the hosts should get a public IP address.resources(Block, Optional) Resources allocated to hosts of this OpenSearch node group. (see below for nested schema)subnet_ids(List of String) A set of the subnets, to which the hosts belongs. The subnets must be a part of the network to which the cluster belongs.
Nested Schema for config.dashboards.node_groups.resources
Required:
disk_size(Number) Volume of the storage available to a host, in bytes.disk_type_id(String) Type of the storage of OpenSearch hosts.resource_preset_id(String) The ID of the preset for computational resources available to a host (CPU, memory etc.). For more information, see the official documentation.
Nested Schema for config.opensearch
Optional:
node_groups(Block List) A set of named OpenSearch node group configurations. (see below for nested schema)plugins(Set of String) A set of requested OpenSearch plugins.
Nested Schema for config.opensearch.node_groups
Required:
hosts_count(Number) Number of hosts in this node group.name(String) Name of OpenSearch node group.roles(Set of String) A set of OpenSearch roles assigned to hosts. Available roles are:DATA,MANAGER. Default: [DATA,MANAGER].zone_ids(Set of String) A set of availability zones where hosts of node group may be allocated.
Optional:
assign_public_ip(Boolean) Sets whether the hosts should get a public IP address.disk_size_autoscaling(Attributes) Node group disk size autoscaling settings. (see below for nested schema)resources(Block, Optional) Resources allocated to hosts of this OpenSearch node group. (see below for nested schema)subnet_ids(List of String) A set of the subnets, to which the hosts belongs. The subnets must be a part of the network to which the cluster belongs.
Nested Schema for config.opensearch.node_groups.disk_size_autoscaling
Required:
disk_size_limit(Number) The overall maximum for disk size that limit all autoscaling iterations. See the documentation for details.
Optional:
emergency_usage_threshold(Number) Threshold of storage usage (in percent) that triggers immediate automatic scaling of the storage. Zero value means disabled threshold.planned_usage_threshold(Number) Threshold of storage usage (in percent) that triggers automatic scaling of the storage during the maintenance window. Zero value means disabled threshold.
Nested Schema for config.opensearch.node_groups.resources
Required:
disk_size(Number) Volume of the storage available to a host, in bytes.disk_type_id(String) Type of the storage of OpenSearch hosts.resource_preset_id(String) The ID of the preset for computational resources available to a host (CPU, memory etc.). For more information, see the official documentation.
Nested Schema for maintenance_window
Required:
type(String)
Optional:
day(String)hour(Number)
Nested Schema for timeouts
Optional:
create(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).delete(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.update(String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
Nested Schema for hosts
Optional:
assign_public_ip(Boolean) Sets whether the host should get a public IP address. Can be eithertrueorfalse.subnet_id(String) The ID of the subnet, to which the host belongs. The subnet must be a part of the network to which the cluster belongs.
Read-Only:
fqdn(String) The fully qualified domain name of the host.node_group(String) Name of the node group.roles(Set of String) The roles of the deployed host. Can containDATAand/orMANAGERroles. Will be empty forDASHBOARDStype.type(String) The type of the deployed host. Can be eitherOPENSEARCHorDASHBOARDS.zone(String) The availability zone where the OpenSearch host will be created. For more information see the official documentation.
Import
The resource can be imported by using their resource ID. For getting the resource ID you can use Yandex Cloud Web Console or YC CLI.
# terraform import yandex_mdb_opensearch_cluster.<resource Name> <resource Id>
terraform import yandex_mdb_opensearch_cluster.my_cluster ...