A Kendra index
The following example creates a Kendra index with the required permissions as per AWS documentation here.
resource "awscc_kendra_index" "example" {
edition = "ENTERPRISE_EDITION"
name = "example-index"
role_arn = awscc_iam_role.example.arn
description = "Example Kendra index"
tags = [{
key = "Modified By"
value = "AWSCC"
}]
}
resource "awscc_iam_role" "example" {
role_name = "kendra_index_role"
description = "Role assigned to the Kendra index"
assume_role_policy_document = jsonencode({
Version = "2012-10-17"
Statement = [
{
Action = "sts:AssumeRole"
Effect = "Allow"
Principal = {
Service = "kendra.amazonaws.com"
}
}
]
})
max_session_duration = 7200
tags = [
{
key = "Name"
value = "Kendra index role"
},
{
key = "Modified By"
value = "AWSCC"
}
]
}
resource "awscc_iam_role_policy" "example" {
policy_name = "kendra_role_policy"
role_name = awscc_iam_role.example.id
policy_document = jsonencode({
Version = "2012-10-17"
Statement = [
{
Effect = "Allow"
Action = "cloudwatch:PutMetricData"
Resource = "*"
Condition = {
"StringEquals" : {
"cloudwatch:namespace" : "AWS/Kendra"
}
}
},
{
Effect = "Allow"
Action = "logs:DescribeLogGroups"
Resource = "*"
},
{
Effect = "Allow"
Action = "logs:CreateLogGroup",
Resource = "arn:aws:logs:us-east-1:${data.aws_caller_identity.current.account_id}:log-group:/aws/kendra/*"
},
{
Effect = "Allow"
Action = [
"logs:DescribeLogStreams",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
Resource = "arn:aws:logs:us-east-1:${data.aws_caller_identity.current.account_id}:log-group:/aws/kendra/*:log-stream:*"
}
]
})
}
data "aws_caller_identity" "current" {}
edition
(String) Edition of indexname
(String) Name of indexrole_arn
(String) Role Arncapacity_units
(Attributes) Capacity units (see below for nested schema)description
(String) A description for the indexdocument_metadata_configurations
(Attributes List) Document metadata configurations (see below for nested schema)server_side_encryption_configuration
(Attributes) Server side encryption configuration (see below for nested schema)tags
(Attributes List) Tags for labeling the index (see below for nested schema)user_context_policy
(String)user_token_configurations
(Attributes List) (see below for nested schema)arn
(String)id
(String) Uniquely identifies the resource.index_id
(String) Unique ID of indexcapacity_units
Required:
query_capacity_units
(Number)storage_capacity_units
(Number)document_metadata_configurations
Required:
name
(String)type
(String)Optional:
relevance
(Attributes) (see below for nested schema)search
(Attributes) (see below for nested schema)document_metadata_configurations.relevance
Optional:
duration
(String)freshness
(Boolean)importance
(Number)rank_order
(String)value_importance_items
(Attributes List) (see below for nested schema)document_metadata_configurations.relevance.value_importance_items
Optional:
key
(String)value
(Number)document_metadata_configurations.search
Optional:
displayable
(Boolean)facetable
(Boolean)searchable
(Boolean)sortable
(Boolean)server_side_encryption_configuration
Optional:
kms_key_id
(String)tags
Required:
key
(String) A string used to identify this tagvalue
(String) A string containing the value for the taguser_token_configurations
Optional:
json_token_type_configuration
(Attributes) (see below for nested schema)jwt_token_type_configuration
(Attributes) (see below for nested schema)user_token_configurations.json_token_type_configuration
Required:
group_attribute_field
(String)user_name_attribute_field
(String)user_token_configurations.jwt_token_type_configuration
Required:
key_location
(String)Optional:
claim_regex
(String)group_attribute_field
(String)issuer
(String)secret_manager_arn
(String) Role Arnurl
(String)user_name_attribute_field
(String)Import is supported using the following syntax:
$ terraform import awscc_kendra_index.example <resource ID>