AWS::Elasticsearch::Domain DomainEndpointOptions - Amazon CloudFormation
SyntaxProperties
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

This is the new Amazon CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the Amazon CloudFormation User Guide.

AWS::Elasticsearch::Domain DomainEndpointOptions

Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.

Important

The AWS::Elasticsearch::Domain resource is being replaced by the AWS::OpenSearchService::Domain resource. While the legacy Elasticsearch resource and options are still supported, we recommend modifying your existing Cloudformation templates to use the new OpenSearch Service resource, which supports both OpenSearch and Elasticsearch. For more information about the service rename, see New resource types in the Amazon OpenSearch Service Developer Guide.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "CustomEndpoint" : String,
  "CustomEndpointCertificateArn" : String,
  "CustomEndpointEnabled" : Boolean,
  "EnforceHTTPS" : Boolean,
  "TLSSecurityPolicy" : String
}

Properties

CustomEndpoint

The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.

Required: Conditional

Type: String

Update requires: No interruption

CustomEndpointCertificateArn

The Amazon Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.

Required: Conditional

Type: String

Update requires: No interruption

CustomEndpointEnabled

True to enable a custom endpoint for the domain. If enabled, you must also provide values for CustomEndpoint and CustomEndpointCertificateArn.

Required: No

Type: Boolean

Update requires: No interruption

EnforceHTTPS

True to require that all traffic to the domain arrive over HTTPS.

Required: No

Type: Boolean

Update requires: No interruption

TLSSecurityPolicy

The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:

  • Policy-Min-TLS-1-0-2019-07

  • Policy-Min-TLS-1-2-2019-07

Required: No

Type: String

Update requires: No interruption