feat(opensearch): update TLS policy and add domain_name output

- Changed the default TLS security policy for the OpenSearch domain to
  "Policy-Min-TLS-1-2-PFS-2023-10" for improved security.
- Added a new output "domain_name" to expose the OpenSearch domain name.

Author: RoseSecurity

main.tf

@@ -179,7 +179,7 @@ resource "aws_opensearch_domain" "this" {
       custom_endpoint_certificate_arn = try(domain_endpoint_options.value.custom_endpoint_certificate_arn, null)
       custom_endpoint_enabled         = try(domain_endpoint_options.value.custom_endpoint_enabled, null)
       enforce_https                   = try(domain_endpoint_options.value.enforce_https, true)
-      tls_security_policy             = try(domain_endpoint_options.value.tls_security_policy, "Policy-Min-TLS-1-2-2019-07")
+      tls_security_policy             = try(domain_endpoint_options.value.tls_security_policy, "Policy-Min-TLS-1-2-PFS-2023-10")
     }
   }
 

outputs.tf

@@ -12,6 +12,11 @@ output "domain_id" {
   value       = try(aws_opensearch_domain.this[0].domain_id, null)
 }
 
+output "domain_name" {
+  description = "The name of the domain"
+  value       = try(aws_opensearch_domain.this[0].domain_name, null)
+}
+
 output "domain_endpoint" {
   description = "Domain-specific endpoint used to submit index, search, and data upload requests"
   value       = try(aws_opensearch_domain.this[0].endpoint, null)