Added AutoTune support

README.md

@@ -214,6 +214,7 @@ Available targets:
 | <a name="input_advanced_security_options_master_user_password"></a> [advanced\_security\_options\_master\_user\_password](#input\_advanced\_security\_options\_master\_user\_password) | Master user password (applicable if advanced\_security\_options\_internal\_user\_database\_enabled set to true) | `string` | `""` | no |
 | <a name="input_allowed_cidr_blocks"></a> [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | List of CIDR blocks to be allowed to connect to the cluster | `list(string)` | `[]` | no |
 | <a name="input_attributes"></a> [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,<br>in the order they appear in the list. New attributes are appended to the<br>end of the list. The elements of the list are joined by the `delimiter`<br>and treated as a single ID element. | `list(string)` | `[]` | no |
+| <a name="input_auto_tune"></a> [auto\_tune](#input\_auto\_tune) | This object represents the auto\_tune configuration. It contains the following filed:<br>- enabled - Whether to enable autotune.<br>- rollback\_on\_disable - Whether to roll back to default Auto-Tune settings when disabling Auto-Tune.<br>- starting\_time - Date and time at which to start the Auto-Tune maintenance schedule in RFC3339 format. Time should be in the future.<br>- cron\_schedule - A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.<br>- duration - Autotune maintanance window duration time in hours. | <pre>object({<br>    enabled             = bool<br>    rollback_on_disable = string<br>    starting_time       = string<br>    cron_schedule       = string<br>    duration            = number<br>  })</pre> | <pre>{<br>  "cron_schedule": null,<br>  "duration": null,<br>  "enabled": false,<br>  "rollback_on_disable": "NO_ROLLBACK",<br>  "starting_time": null<br>}</pre> | no |
 | <a name="input_automated_snapshot_start_hour"></a> [automated\_snapshot\_start\_hour](#input\_automated\_snapshot\_start\_hour) | Hour at which automated snapshots are taken, in UTC | `number` | `0` | no |
 | <a name="input_availability_zone_count"></a> [availability\_zone\_count](#input\_availability\_zone\_count) | Number of Availability Zones for the domain to use. | `number` | `2` | no |
 | <a name="input_aws_ec2_service_name"></a> [aws\_ec2\_service\_name](#input\_aws\_ec2\_service\_name) | AWS EC2 Service Name | `list(string)` | <pre>[<br>  "ec2.amazonaws.com"<br>]</pre> | no |

docs/terraform.md

@@ -51,6 +51,7 @@
 | <a name="input_advanced_security_options_master_user_password"></a> [advanced\_security\_options\_master\_user\_password](#input\_advanced\_security\_options\_master\_user\_password) | Master user password (applicable if advanced\_security\_options\_internal\_user\_database\_enabled set to true) | `string` | `""` | no |
 | <a name="input_allowed_cidr_blocks"></a> [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | List of CIDR blocks to be allowed to connect to the cluster | `list(string)` | `[]` | no |
 | <a name="input_attributes"></a> [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,<br>in the order they appear in the list. New attributes are appended to the<br>end of the list. The elements of the list are joined by the `delimiter`<br>and treated as a single ID element. | `list(string)` | `[]` | no |
+| <a name="input_auto_tune"></a> [auto\_tune](#input\_auto\_tune) | This object represents the auto\_tune configuration. It contains the following filed:<br>- enabled - Whether to enable autotune.<br>- rollback\_on\_disable - Whether to roll back to default Auto-Tune settings when disabling Auto-Tune.<br>- starting\_time - Date and time at which to start the Auto-Tune maintenance schedule in RFC3339 format. Time should be in the future.<br>- cron\_schedule - A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.<br>- duration - Autotune maintanance window duration time in hours. | <pre>object({<br>    enabled             = bool<br>    rollback_on_disable = string<br>    starting_time       = string<br>    cron_schedule       = string<br>    duration            = number<br>  })</pre> | <pre>{<br>  "cron_schedule": null,<br>  "duration": null,<br>  "enabled": false,<br>  "rollback_on_disable": "NO_ROLLBACK",<br>  "starting_time": null<br>}</pre> | no |
 | <a name="input_automated_snapshot_start_hour"></a> [automated\_snapshot\_start\_hour](#input\_automated\_snapshot\_start\_hour) | Hour at which automated snapshots are taken, in UTC | `number` | `0` | no |
 | <a name="input_availability_zone_count"></a> [availability\_zone\_count](#input\_availability\_zone\_count) | Number of Availability Zones for the domain to use. | `number` | `2` | no |
 | <a name="input_aws_ec2_service_name"></a> [aws\_ec2\_service\_name](#input\_aws\_ec2\_service\_name) | AWS EC2 Service Name | `list(string)` | <pre>[<br>  "ec2.amazonaws.com"<br>]</pre> | no |

main.tf

@@ -159,6 +159,23 @@ resource "aws_elasticsearch_domain" "default" {
     }
   }
 
+  dynamic "auto_tune_options" {
+    for_each = var.auto_tune.enabled ? [true] : []
+    content {
+      desired_state       = "ENABLED"
+      rollback_on_disable = var.auto_tune.rollback_on_disable
+      maintenance_schedule {
+        # Required until https://github.com/hashicorp/terraform-provider-aws/issues/22239 would be resolved
+        start_at = var.auto_tune.starting_time == null ? timeadd(timestamp(), "1h") : var.auto_tune.starting_time
+        duration {
+          value = var.auto_tune.duration
+          unit  = "HOURS"
+        }
+        cron_expression_for_recurrence = var.auto_tune_cron_schedule
+      }
+    }
+  }
+
   node_to_node_encryption {
     enabled = var.node_to_node_encryption_enabled
   }
@@ -296,4 +313,4 @@ module "kibana_hostname" {
   records = [join("", aws_elasticsearch_domain.default.*.endpoint)]
 
   context = module.this.context
-}
+}

variables.tf

@@ -363,3 +363,45 @@ variable "custom_endpoint_certificate_arn" {
   description = "ACM certificate ARN for custom endpoint."
   default     = ""
 }
+
+variable "auto_tune" {
+  type = object({
+    enabled             = bool
+    rollback_on_disable = string
+    starting_time       = string
+    cron_schedule       = string
+    duration            = number
+  })
+
+  default = {
+    enabled             = false
+    rollback_on_disable = "NO_ROLLBACK"
+    starting_time       = null
+    cron_schedule       = null
+    duration            = null
+  }
+
+  description = <<-EOT
+    This object represents the auto_tune configuration. It contains the following filed:
+    - enabled - Whether to enable autotune.
+    - rollback_on_disable - Whether to roll back to default Auto-Tune settings when disabling Auto-Tune.
+    - starting_time - Date and time at which to start the Auto-Tune maintenance schedule in RFC3339 format. Time should be in the future.
+    - cron_schedule - A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.
+    - duration - Autotune maintanance window duration time in hours.
+  EOT
+
+  validation {
+    condition     = var.auto_tune.enabled == false || var.auto_tune.cron_schedule != null
+    error_message = "Variable auto_tune.cron_schedule should be set if var.auto_tune.enabled == true."
+  }
+
+  validation {
+    condition     = var.auto_tune.enabled == false || var.auto_tune.duration != null
+    error_message = "Variable auto_tune.duration should be set if var.auto_tune.enabled == true."
+  }
+
+  validation {
+    condition     = contains(["DEFAULT_ROLLBACK", "NO_ROLLBACK"], var.auto_tune.rollback_on_disable)
+    error_message = "Variable auto_tune.rollback_on_disable valid values: DEFAULT_ROLLBACK or NO_ROLLBACK."
+  }
+}