AWS::OpenSearchService::Domain CognitoOptions - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::OpenSearchService::Domain CognitoOptions

Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "Enabled" : Boolean, "IdentityPoolId" : String, "RoleArn" : String, "UserPoolId" : String }

YAML

Enabled: Boolean IdentityPoolId: String RoleArn: String UserPoolId: String

Properties

Enabled

Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See Amazon Cognito authentication for OpenSearch Dashboards.

Required: No

Type: Boolean

Update requires: No interruption

IdentityPoolId

The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.

Required if you enabled Cognito Authentication for OpenSearch Dashboards.

Required: Conditional

Type: String

Pattern: [\w-]+:[0-9a-f-]+

Minimum: 1

Maximum: 55

Update requires: No interruption

RoleArn

The AmazonOpenSearchServiceCognitoAccess role that allows OpenSearch Service to configure your user pool and identity pool.

Required if you enabled Cognito Authentication for OpenSearch Dashboards.

Required: Conditional

Type: String

Pattern: arn:(aws|aws\-cn|aws\-us\-gov|aws\-iso|aws\-iso\-b):iam::[0-9]+:role\/.*

Minimum: 20

Maximum: 2048

Update requires: No interruption

UserPoolId

The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.

Required if you enabled Cognito Authentication for OpenSearch Dashboards.

Required: Conditional

Type: String

Pattern: [\w-]+_[0-9a-zA-Z]+

Minimum: 1

Maximum: 55

Update requires: No interruption