Class CfnDomainProps
Properties for defining a CfnDomain
.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.OpenSearchService
Assembly: Amazon.CDK.AWS.OpenSearchService.dll
Syntax (csharp)
public class CfnDomainProps : Object, ICfnDomainProps
Syntax (vb)
Public Class CfnDomainProps
Inherits Object
Implements ICfnDomainProps
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.OpenSearchService;
var accessPolicies;
var cfnDomainProps = new CfnDomainProps {
AccessPolicies = accessPolicies,
AdvancedOptions = new Dictionary<string, string> {
{ "advancedOptionsKey", "advancedOptions" }
},
AdvancedSecurityOptions = new AdvancedSecurityOptionsInputProperty {
AnonymousAuthDisableDate = "anonymousAuthDisableDate",
AnonymousAuthEnabled = false,
Enabled = false,
InternalUserDatabaseEnabled = false,
MasterUserOptions = new MasterUserOptionsProperty {
MasterUserArn = "masterUserArn",
MasterUserName = "masterUserName",
MasterUserPassword = "masterUserPassword"
},
SamlOptions = new SAMLOptionsProperty {
Enabled = false,
Idp = new IdpProperty {
EntityId = "entityId",
MetadataContent = "metadataContent"
},
MasterBackendRole = "masterBackendRole",
MasterUserName = "masterUserName",
RolesKey = "rolesKey",
SessionTimeoutMinutes = 123,
SubjectKey = "subjectKey"
}
},
ClusterConfig = new ClusterConfigProperty {
DedicatedMasterCount = 123,
DedicatedMasterEnabled = false,
DedicatedMasterType = "dedicatedMasterType",
InstanceCount = 123,
InstanceType = "instanceType",
MultiAzWithStandbyEnabled = false,
WarmCount = 123,
WarmEnabled = false,
WarmType = "warmType",
ZoneAwarenessConfig = new ZoneAwarenessConfigProperty {
AvailabilityZoneCount = 123
},
ZoneAwarenessEnabled = false
},
CognitoOptions = new CognitoOptionsProperty {
Enabled = false,
IdentityPoolId = "identityPoolId",
RoleArn = "roleArn",
UserPoolId = "userPoolId"
},
DomainEndpointOptions = new DomainEndpointOptionsProperty {
CustomEndpoint = "customEndpoint",
CustomEndpointCertificateArn = "customEndpointCertificateArn",
CustomEndpointEnabled = false,
EnforceHttps = false,
TlsSecurityPolicy = "tlsSecurityPolicy"
},
DomainName = "domainName",
EbsOptions = new EBSOptionsProperty {
EbsEnabled = false,
Iops = 123,
Throughput = 123,
VolumeSize = 123,
VolumeType = "volumeType"
},
EncryptionAtRestOptions = new EncryptionAtRestOptionsProperty {
Enabled = false,
KmsKeyId = "kmsKeyId"
},
EngineVersion = "engineVersion",
LogPublishingOptions = new Dictionary<string, object> {
{ "logPublishingOptionsKey", new LogPublishingOptionProperty {
CloudWatchLogsLogGroupArn = "cloudWatchLogsLogGroupArn",
Enabled = false
} }
},
NodeToNodeEncryptionOptions = new NodeToNodeEncryptionOptionsProperty {
Enabled = false
},
OffPeakWindowOptions = new OffPeakWindowOptionsProperty {
Enabled = false,
OffPeakWindow = new OffPeakWindowProperty {
WindowStartTime = new WindowStartTimeProperty {
Hours = 123,
Minutes = 123
}
}
},
SnapshotOptions = new SnapshotOptionsProperty {
AutomatedSnapshotStartHour = 123
},
SoftwareUpdateOptions = new SoftwareUpdateOptionsProperty {
AutoSoftwareUpdateEnabled = false
},
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} },
VpcOptions = new VPCOptionsProperty {
SecurityGroupIds = new [] { "securityGroupIds" },
SubnetIds = new [] { "subnetIds" }
}
};
Synopsis
Constructors
CfnDomainProps() |
Properties
AccessPolicies | An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. |
AdvancedOptions | Additional options to specify for the OpenSearch Service domain. |
AdvancedSecurityOptions | Specifies options for fine-grained access control and SAML authentication. |
ClusterConfig | Container for the cluster configuration of a domain. |
CognitoOptions | Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards. |
DomainEndpointOptions | Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint. |
DomainName | A name for the OpenSearch Service domain. |
EbsOptions | The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. |
EncryptionAtRestOptions | Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. |
EngineVersion | The version of OpenSearch to use. |
LogPublishingOptions | An object with one or more of the following keys: |
NodeToNodeEncryptionOptions | Specifies whether node-to-node encryption is enabled. |
OffPeakWindowOptions | Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain. |
SnapshotOptions | DEPRECATED . |
SoftwareUpdateOptions | Options for configuring service software updates for a domain. |
Tags | An arbitrary set of tags (key–value pairs) to associate with the OpenSearch Service domain. |
VpcOptions | The virtual private cloud (VPC) configuration for the OpenSearch Service domain. |
Constructors
CfnDomainProps()
public CfnDomainProps()
Properties
AccessPolicies
An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions.
public object AccessPolicies { get; set; }
Property Value
System.Object
Remarks
For more information, see Configuring access policies in the Amazon OpenSearch Service Developer Guide .
AdvancedOptions
Additional options to specify for the OpenSearch Service domain.
public object AdvancedOptions { get; set; }
Property Value
System.Object
Remarks
For more information, see AdvancedOptions in the OpenSearch Service API reference.
AdvancedSecurityOptions
Specifies options for fine-grained access control and SAML authentication.
public object AdvancedSecurityOptions { get; set; }
Property Value
System.Object
Remarks
If you specify advanced security options, you must also enable node-to-node encryption ( NodeToNodeEncryptionOptions ) and encryption at rest ( EncryptionAtRestOptions ). You must also enable EnforceHTTPS
within DomainEndpointOptions , which requires HTTPS for all traffic to the domain.
ClusterConfig
Container for the cluster configuration of a domain.
public object ClusterConfig { get; set; }
Property Value
System.Object
Remarks
CognitoOptions
Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.
public object CognitoOptions { get; set; }
Property Value
System.Object
Remarks
DomainEndpointOptions
Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.
public object DomainEndpointOptions { get; set; }
Property Value
System.Object
Remarks
DomainName
A name for the OpenSearch Service domain.
public string DomainName { get; set; }
Property Value
System.String
Remarks
The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see Name Type .
Required when creating a new domain.
If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
EbsOptions
The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain.
public object EbsOptions { get; set; }
Property Value
System.Object
Remarks
For more information, see EBS volume size limits in the Amazon OpenSearch Service Developer Guide .
EncryptionAtRestOptions
Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use.
public object EncryptionAtRestOptions { get; set; }
Property Value
System.Object
Remarks
EngineVersion
The version of OpenSearch to use.
public string EngineVersion { get; set; }
Property Value
System.String
Remarks
The value must be in the format OpenSearch_X.Y
or Elasticsearch_X.Y
. If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see Supported versions of OpenSearch and Elasticsearch in the Amazon OpenSearch Service Developer Guide .
If you set the EnableVersionUpgrade update policy to true
, you can update EngineVersion
without interruption. When EnableVersionUpgrade
is set to false
, or is not specified, updating EngineVersion
results in replacement .
LogPublishingOptions
An object with one or more of the following keys: SEARCH_SLOW_LOGS
, ES_APPLICATION_LOGS
, INDEX_SLOW_LOGS
, AUDIT_LOGS
, depending on the types of logs you want to publish.
public object LogPublishingOptions { get; set; }
Property Value
System.Object
Remarks
Each key needs a valid LogPublishingOption
value. For the full syntax, see the examples .
NodeToNodeEncryptionOptions
Specifies whether node-to-node encryption is enabled.
public object NodeToNodeEncryptionOptions { get; set; }
Property Value
System.Object
Remarks
OffPeakWindowOptions
Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.
public object OffPeakWindowOptions { get; set; }
Property Value
System.Object
Remarks
SnapshotOptions
DEPRECATED .
public object SnapshotOptions { get; set; }
Property Value
System.Object
Remarks
The automated snapshot configuration for the OpenSearch Service domain indexes.
SoftwareUpdateOptions
Options for configuring service software updates for a domain.
public object SoftwareUpdateOptions { get; set; }
Property Value
System.Object
Remarks
Tags
An arbitrary set of tags (key–value pairs) to associate with the OpenSearch Service domain.
public ICfnTag[] Tags { get; set; }
Property Value
ICfnTag[]
Remarks
VpcOptions
The virtual private cloud (VPC) configuration for the OpenSearch Service domain.
public object VpcOptions { get; set; }
Property Value
System.Object
Remarks
For more information, see Launching your Amazon OpenSearch Service domains within a VPC in the Amazon OpenSearch Service Developer Guide .
If you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.