Class SAMLOptionsProperty
Container for information about the SAML configuration for OpenSearch Dashboards.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.OpenSearchService
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class SAMLOptionsProperty : Object, ISAMLOptionsProperty
Syntax (vb)
Public Class SAMLOptionsProperty
Inherits Object
Implements ISAMLOptionsProperty
Remarks
ExampleMetadata: infused
Examples
var domain = new Domain(this, "Domain", new DomainProps {
Version = EngineVersion.OPENSEARCH_1_0,
EnforceHttps = true,
NodeToNodeEncryption = true,
EncryptionAtRest = new EncryptionAtRestOptions {
Enabled = true
},
FineGrainedAccessControl = new AdvancedSecurityOptions {
MasterUserName = "master-user",
SamlAuthenticationEnabled = true,
SamlAuthenticationOptions = new SAMLOptionsProperty {
IdpEntityId = "entity-id",
IdpMetadataContent = "metadata-content-with-quotes-escaped"
}
}
});
Synopsis
Constructors
SAMLOptionsProperty() |
Properties
IdpEntityId | The unique entity ID of the application in the SAML identity provider. |
IdpMetadataContent | The metadata of the SAML application, in XML format. |
MasterBackendRole | The backend role that the SAML master user is mapped to. |
MasterUserName | The SAML master username, which is stored in the domain's internal user database. |
RolesKey | Element of the SAML assertion to use for backend roles. |
SessionTimeoutMinutes | The duration, in minutes, after which a user session becomes inactive. |
SubjectKey | Element of the SAML assertion to use for the user name. |
Constructors
SAMLOptionsProperty()
public SAMLOptionsProperty()
Properties
IdpEntityId
The unique entity ID of the application in the SAML identity provider.
public string IdpEntityId { get; set; }
Property Value
System.String
IdpMetadataContent
The metadata of the SAML application, in XML format.
public string IdpMetadataContent { get; set; }
Property Value
System.String
MasterBackendRole
The backend role that the SAML master user is mapped to.
public string MasterBackendRole { get; set; }
Property Value
System.String
Remarks
Any users with this backend role receives full permission in OpenSearch Dashboards/Kibana.
To use a SAML master backend role, configure the rolesKey
property.
Default: - The master user is not mapped to a backend role
MasterUserName
The SAML master username, which is stored in the domain's internal user database.
public string MasterUserName { get; set; }
Property Value
System.String
Remarks
This SAML user receives full permission in OpenSearch Dashboards/Kibana. Creating a new master username does not delete any existing master usernames.
Default: - No master user name is configured
RolesKey
Element of the SAML assertion to use for backend roles.
public string RolesKey { get; set; }
Property Value
System.String
Remarks
Default: - roles
SessionTimeoutMinutes
The duration, in minutes, after which a user session becomes inactive.
public Nullable<double> SessionTimeoutMinutes { get; set; }
Property Value
System.Nullable<System.Double>
Remarks
Default: - 60
SubjectKey
Element of the SAML assertion to use for the user name.
public string SubjectKey { get; set; }
Property Value
System.String
Remarks
Default: - NameID element of the SAML assertion fot the user name