From 6471f49b10b2bc97dba547dc4522929c593d1502 Mon Sep 17 00:00:00 2001
From: Zain Hasib <zainhasib@gmail.com>
Date: Mon, 8 Apr 2024 10:00:26 +0530
Subject: [PATCH] Add Cognito Options into Opensearch

---
 main.tf      |  7 +++++++
 variables.tf | 24 ++++++++++++++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/main.tf b/main.tf
index d507824..cba3482 100644
--- a/main.tf
+++ b/main.tf
@@ -38,6 +38,13 @@ resource "aws_opensearch_domain" "this" {
     }
   }
 
+  cognito_options {
+    enabled          = var.enable_cognito
+    identity_pool_id = var.cognito_identity_pool_id
+    role_arn         = var.cognito_role_arn
+    user_pool_id     = var.cognito_user_id_pool
+  }
+
   vpc_options {
     subnet_ids         = var.subnet_ids
     security_group_ids = var.security_group_ids
diff --git a/variables.tf b/variables.tf
index 3c4fa75..8325f90 100644
--- a/variables.tf
+++ b/variables.tf
@@ -57,6 +57,30 @@ variable "master_user_password" {
   default     = ""
 }
 
+variable "enable_cognito" {
+  description = "Whether Amazon Cognito authentication with Dashboard is enabled or not."
+  type        = bool
+  default     = false
+}
+
+variable "cognito_identity_pool_id" {
+  description = "ID of the Cognito Identity Pool to use."
+  type        = string
+  default     = ""
+}
+
+variable "cognito_role_arn" {
+  description = "ARN of the IAM role that has the AmazonOpenSearchServiceCognitoAccess policy attached."
+  type        = string
+  default     = ""
+}
+
+variable "cognito_user_id_pool" {
+  description = "ID of the Cognito User Pool to use."
+  type        = string
+  default     = ""
+}
+
 variable "master_instance_enabled" {
   description = "Indicates whether dedicated master nodes are enabled for the cluster."
   type        = bool