Class CfnDomain.AdvancedSecurityOptionsInputProperty
Specifies options for fine-grained access control.
Inheritance
Namespace: Amazon.CDK.AWS.OpenSearchService
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class AdvancedSecurityOptionsInputProperty : Object, CfnDomain.IAdvancedSecurityOptionsInputProperty
Syntax (vb)
Public Class AdvancedSecurityOptionsInputProperty
Inherits Object
Implements CfnDomain.IAdvancedSecurityOptionsInputProperty
Remarks
If you specify advanced security options, you must also enable node-to-node encryption ( NodeToNodeEncryptionOptions ) and encryption at rest ( EncryptionAtRestOptions ). You must also enable EnforceHTTPS
within DomainEndpointOptions , which requires HTTPS for all traffic to the domain.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.OpenSearchService;
var advancedSecurityOptionsInputProperty = new AdvancedSecurityOptionsInputProperty {
AnonymousAuthDisableDate = "anonymousAuthDisableDate",
AnonymousAuthEnabled = false,
Enabled = false,
InternalUserDatabaseEnabled = false,
MasterUserOptions = new MasterUserOptionsProperty {
MasterUserArn = "masterUserArn",
MasterUserName = "masterUserName",
MasterUserPassword = "masterUserPassword"
},
SamlOptions = new SAMLOptionsProperty {
Enabled = false,
Idp = new IdpProperty {
EntityId = "entityId",
MetadataContent = "metadataContent"
},
MasterBackendRole = "masterBackendRole",
MasterUserName = "masterUserName",
RolesKey = "rolesKey",
SessionTimeoutMinutes = 123,
SubjectKey = "subjectKey"
}
};
Synopsis
Constructors
AdvancedSecurityOptionsInputProperty() |
Properties
AnonymousAuthDisableDate | Date and time when the migration period will be disabled. |
AnonymousAuthEnabled | True to enable a 30-day migration period during which administrators can create role mappings. |
Enabled | True to enable fine-grained access control. |
InternalUserDatabaseEnabled | True to enable the internal user database. |
MasterUserOptions | Specifies information about the master user. |
SamlOptions | Container for information about the SAML configuration for OpenSearch Dashboards. |
Constructors
AdvancedSecurityOptionsInputProperty()
public AdvancedSecurityOptionsInputProperty()
Properties
AnonymousAuthDisableDate
Date and time when the migration period will be disabled.
public string AnonymousAuthDisableDate { get; set; }
Property Value
System.String
Remarks
Only necessary when enabling fine-grained access control on an existing domain .
AnonymousAuthEnabled
True to enable a 30-day migration period during which administrators can create role mappings.
public object AnonymousAuthEnabled { get; set; }
Property Value
System.Object
Remarks
Only necessary when enabling fine-grained access control on an existing domain .
Enabled
True to enable fine-grained access control.
public object Enabled { get; set; }
Property Value
System.Object
Remarks
You must also enable encryption of data at rest and node-to-node encryption. See Fine-grained access control in Amazon OpenSearch Service .
InternalUserDatabaseEnabled
True to enable the internal user database.
public object InternalUserDatabaseEnabled { get; set; }
Property Value
System.Object
Remarks
MasterUserOptions
Specifies information about the master user.
public object MasterUserOptions { get; set; }
Property Value
System.Object
Remarks
SamlOptions
Container for information about the SAML configuration for OpenSearch Dashboards.
public object SamlOptions { get; set; }
Property Value
System.Object