From 447a73176ef7ac502a2053e816d70b6ee645dacc Mon Sep 17 00:00:00 2001
From: marcusnogueira
Date: Thu, 10 Aug 2023 20:47:23 +1000
Subject: [PATCH 1/3] Adding option to multiple logs
---
 _variables.tf | 16 ++++++++++++++++
 main.tf | 13 +++++++++----
 2 files changed, 25 insertions(+), 4 deletions(-)
diff --git a/_variables.tf b/_variables.tf
index 5eb6763..1c05c8e 100644
--- a/_variables.tf
+++ b/_variables.tf
@@ -116,6 +116,12 @@ variable "saml_roles_key" {
 default = ""
 }
+variable "enable_saml_options" {
+ description = "Enable or not saml options"
+ type = string
+ default = true
+}
+
 variable "saml_entity_id" {
 description = "The unique Entity ID of the application in SAML Identity Provider."
 type = string
@@ -209,4 +215,14 @@ variable "allow_cidrs" {
 }))
 description = "List of CIDR to allow connection to this Cluster"
 default = []
+}
+
+variable "log_publishing_options" {
+ description = "A list of maps containing log publishing options."
+ type = list(object({
+ enable = bool
+ cloudwatch_log_group_arn = string
+ log_type = string
+ }))
+ default = []
 }
\ No newline at end of file
diff --git a/main.tf b/main.tf
index f5a6482..9e1a3bd 100644
--- a/main.tf
+++ b/main.tf
@@ -77,11 +77,15 @@ resource "aws_elasticsearch_domain" "opensearch" {
 iops = var.ebs_iops
 }
- log_publishing_options {
- enabled = var.log_publishing_options_enable
- cloudwatch_log_group_arn = var.log_publishing_options_cloudwatch_log_group_arn
- log_type = var.log_publishing_options_log_type
+dynamic "log_publishing_options" {
+ for_each = var.log_publishing_options
+
+ content {
+ enabled = log_publishing_options.value.enable
+ cloudwatch_log_group_arn = log_publishing_options.value.cloudwatch_log_group_arn
+ log_type = log_publishing_options.value.log_type
 }
+}
 tags = var.tags
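Review bot: `enable_saml_options` in the first `_variables.tf` hunk is declared `type = string` but defaults to the boolean `true` and is used as the condition in `count = var.enable_saml_options ? 1 : 0` in main.tf, so it should be declared `type = bool`. As written the input accepts any string, and a value that cannot be converted to a boolean only fails when the conditional is evaluated instead of being rejected as a bad input. Because `false` means the `aws_elasticsearch_domain_saml_options` resource is not created at all, the description should say so, for example `description = "Create the SAML options for the domain. When false, this module configures no SAML sign-in."`.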
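Review bot: The description of `log_publishing_options` in the second `_variables.tf` hunk does not tell a caller that the default `[]` leaves the domain publishing no logs to CloudWatch, and it calls the entries maps although the type is a list of objects. I would reword it along the lines of `description = "Log publishing entries for the domain; each object sets enable, cloudwatch_log_group_arn and log_type. The default [] publishes no logs."`. The field is also named `enable` while the provider argument it feeds is `enabled`; using the same name would make the object easier to fill in correctly.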
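Review bot: After this main.tf hunk nothing visible reads `var.log_publishing_options_enable`, `var.log_publishing_options_cloudwatch_log_group_arn` or `var.log_publishing_options_log_type`, and the new list defaults to `[]`, so a caller that only sets the old inputs silently ends up with no log publishing after upgrading. The README regenerated in patch 3 still lists those three inputs, which suggests they remain declared but unused. Either remove the old variables so Terraform rejects the stale arguments, or keep them working as a fallback entry for the dynamic block, and call the change out as breaking in the release notes. The `aws_elasticsearch_domain` resource body starts and ends outside the hunk.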
@@ -89,6 +93,7 @@ resource "aws_elasticsearch_domain" "opensearch" {
 }
 resource "aws_elasticsearch_domain_saml_options" "opensearch" {
+ count = var.enable_saml_options ? 1 : 0
 domain_name = aws_elasticsearch_domain.opensearch.domain_name
 saml_options {
From 38dacc5bc7b1c7ea9cd86989f5ef59c628d4abea Mon Sep 17 00:00:00 2001
From: marcusnogueira
Date: Thu, 10 Aug 2023 20:47:40 +1000
Subject: [PATCH 2/3] Adding option to multiple logs
---
 _variables.tf | 16 ++++++++--------
 main.tf | 16 ++++++++--------
 2 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/_variables.tf b/_variables.tf
index 1c05c8e..e22f982 100644
--- a/_variables.tf
+++ b/_variables.tf
@@ -206,12 +206,12 @@ variable "allow_security_group_ids" {
 variable "allow_cidrs" {
 type = list(object({
- name = string
- description = string
- cidr = list(string)
- from_port = number
- to_port = number
- protocol = string
+ name = string
+ description = string
+ cidr = list(string)
+ from_port = number
+ to_port = number
+ protocol = string
 }))
 description = "List of CIDR to allow connection to this Cluster"
 default = []
@@ -220,9 +220,9 @@ variable "allow_cidrs" {
 variable "log_publishing_options" {
 description = "A list of maps containing log publishing options."
 type = list(object({
- enable = bool
+ enable = bool
 cloudwatch_log_group_arn = string
- log_type = string
+ log_type = string
 }))
 default = []
 }
\ No newline at end of file
diff --git a/main.tf b/main.tf
index 9e1a3bd..48d1e9d 100644
--- a/main.tf
+++ b/main.tf
@@ -77,15 +77,15 @@ resource "aws_elasticsearch_domain" "opensearch" {
 iops = var.ebs_iops
 }
-dynamic "log_publishing_options" {
- for_each = var.log_publishing_options
+ dynamic "log_publishing_options" {
+ for_each = var.log_publishing_options
- content {
- enabled = log_publishing_options.value.enable
- cloudwatch_log_group_arn = log_publishing_options.value.cloudwatch_log_group_arn
- log_type = log_publishing_options.value.log_type
+ content {
+ enabled = log_publishing_options.value.enable
+ cloudwatch_log_group_arn = log_publishing_options.value.cloudwatch_log_group_arn
+ log_type = log_publishing_options.value.log_type
+ }
 }
-}
 tags = var.tags
@@ -93,7 +93,7 @@ dynamic "log_publishing_options" {
 }
 resource "aws_elasticsearch_domain_saml_options" "opensearch" {
- count = var.enable_saml_options ? 1 : 0
+ count = var.enable_saml_options ? 1 : 0
 domain_name = aws_elasticsearch_domain.opensearch.domain_name
 saml_options {
From e5a90d2335da69f909e639a7c167f39a4a6a439a Mon Sep 17 00:00:00 2001
From: mvsnogueira-dnx
Date: Thu, 10 Aug 2023 10:51:43 +0000
Subject: [PATCH 3/3] terraform-docs: automated update action
---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/README.md b/README.md
index 07a2d24..56a8cc1 100644
--- a/README.md
+++ b/README.md
@@ -92,6 +92,8 @@ Here is a working example of using this Terraform module: | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| allow\_cidrs | List of CIDR to allow connection to this Cluster |
list(object({
name = string
description = string
cidr = list(string)
from_port = number
to_port = number
protocol = string
}))
| `[]` | no | +| allow\_security\_group\_ids | List of Security Group IDs to allow connection to this Cluster |
list(object({
name = string
description = string
security_group_id = string
from_port = number
to_port = number
protocol = string
}))
| `[]` | no | | availability\_zones | The number of availability zones for the OpenSearch cluster. Valid values: 1, 2 or 3. | `number` | `1` | no | | cluster\_domain | The hosted zone name of the OpenSearch cluster. | `string` | n/a | yes | | cluster\_hostname | The hostname name of the OpenSearch cluster. | `string` | n/a | yes | @@ -102,9 +104,11 @@ Here is a working example of using this Terraform module: | ebs\_iops | n/a | `number` | `null` | no | | ebs\_volume\_size | n/a | `number` | `10` | no | | ebs\_volume\_type | n/a | `string` | `null` | no | +| enable\_saml\_options | Enable or not saml options | `string` | `true` | no | | encrypt\_kms\_key\_id | The KMS key ID to encrypt the OpenSearch cluster with. If not specified, then it defaults to using the AWS OpenSearch Service KMS key. | `string` | `""` | no | | hot\_instance\_count | The number of dedicated hot nodes in the cluster. | `number` | `1` | no | | hot\_instance\_type | The type of EC2 instances to run for each hot node. A list of available instance types can you find at https://aws.amazon.com/en/opensearch-service/pricing/#On-Demand_instance_pricing | `string` | `"r6gd.large.elasticsearch"` | no | +| log\_publishing\_options | A list of maps containing log publishing options. |
list(object({
enable = bool
cloudwatch_log_group_arn = string
log_type = string
}))
| `[]` | no | | log\_publishing\_options\_cloudwatch\_log\_group\_arn | n/a | `string` | `null` | no | | log\_publishing\_options\_enable | n/a | `bool` | `null` | no | | log\_publishing\_options\_log\_type | n/a | `string` | `null` | no |