Add anonymous_auth_enabled option to OpenSearch advanced security options (#201)

tarik-arslanagic-gpp · oycyc · goruha · web-flow · commit 67d18dfb406d · 2025-07-28T19:38:10.000+03:00
Co-authored-by: yangci &lt;yangciouou@gmail.com&gt;
Co-authored-by: Igor Rodionov &lt;goruha@gmail.com&gt;
diff --git a/opensearch_domain.tf b/opensearch_domain.tf
@@ -18,6 +18,7 @@ resource "aws_opensearch_domain" "default" {
   advanced_security_options {
     enabled                        = var.advanced_security_options_enabled
     internal_user_database_enabled = var.advanced_security_options_internal_user_database_enabled
+    anonymous_auth_enabled         = var.advanced_security_options_anonymous_auth_enabled
     master_user_options {
       master_user_arn      = var.advanced_security_options_master_user_arn
       master_user_name     = var.advanced_security_options_master_user_name
diff --git a/variables.tf b/variables.tf
@@ -463,3 +463,9 @@ variable "auto_tune" {
     error_message = "Variable auto_tune.rollback_on_disable valid values: DEFAULT_ROLLBACK or NO_ROLLBACK."
   }
 }
+
+variable "advanced_security_options_anonymous_auth_enabled" {
+  type        = bool
+  default     = false
+  description = "Whether Anonymous auth is enabled. Enables fine-grained access control on an existing domain"
+}

Original file line number	Diff line number	Diff line change
`@@ -463,3 +463,9 @@ variable "auto_tune" {`
`463`	`463`	`error_message = "Variable auto_tune.rollback_on_disable valid values: DEFAULT_ROLLBACK or NO_ROLLBACK."`
`464`	`464`	`}`
`465`	`465`	`}`
	`466`	`+`
	`467`	`+variable "advanced_security_options_anonymous_auth_enabled" {`
	`468`	`+ type = bool`
	`469`	`+ default = false`
	`470`	`+ description = "Whether Anonymous auth is enabled. Enables fine-grained access control on an existing domain"`
	`471`	`+}`