Resource: aws_cloudsearch_domain_service_access_policy

Provides an CloudSearch domain service access policy resource.

Terraform waits for the domain service access policy to become Active when applying a configuration.

Example Usage

resource "aws_cloudsearch_domain" "example" {
  name = "example-domain"
}

data "aws_iam_policy_document" "example" {
  statement {
    sid    = "search_only"
    effect = "Allow"

    principals {
      type        = "*"
      identifiers = ["*"]
    }

    actions = [
      "cloudsearch:search",
      "cloudsearch:document",
    ]

    condition {
      test     = "IpAddress"
      variable = "aws:SourceIp"
      values   = ["192.0.2.0/32"]
    }
  }
}



resource "aws_cloudsearch_domain_service_access_policy" "example" {
  domain_name   = aws_cloudsearch_domain.example.id
  access_policy = data.aws_iam_policy_document.example.json
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports no additional attributes.

Timeouts

Configuration options:

Import

In Terraform v1.5.0 and later, use an import block to import CloudSearch domain service access policies using the domain name. For example:

import {
  to = aws_cloudsearch_domain_service_access_policy.example
  id = "example-domain"
}

Using terraform import, import CloudSearch domain service access policies using the domain name. For example:

% terraform import aws_cloudsearch_domain_service_access_policy.example example-domain