AWS::OpenSearchService::Domain CognitoOptions
Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "Enabled" :
Boolean
, "IdentityPoolId" :String
, "RoleArn" :String
, "UserPoolId" :String
}
YAML
Enabled:
Boolean
IdentityPoolId:String
RoleArn:String
UserPoolId:String
Properties
Enabled
-
Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See Amazon Cognito authentication for OpenSearch Dashboards.
Required: No
Type: Boolean
Update requires: No interruption
IdentityPoolId
-
The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.
Required if you enabled Cognito Authentication for OpenSearch Dashboards.
Required: Conditional
Type: String
Pattern:
[\w-]+:[0-9a-f-]+
Minimum:
1
Maximum:
55
Update requires: No interruption
RoleArn
-
The
AmazonOpenSearchServiceCognitoAccess
role that allows OpenSearch Service to configure your user pool and identity pool.Required if you enabled Cognito Authentication for OpenSearch Dashboards.
Required: Conditional
Type: String
Pattern:
arn:(aws|aws\-cn|aws\-us\-gov|aws\-iso|aws\-iso\-b):iam::[0-9]+:role\/.*
Minimum:
20
Maximum:
2048
Update requires: No interruption
UserPoolId
-
The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.
Required if you enabled Cognito Authentication for OpenSearch Dashboards.
Required: Conditional
Type: String
Pattern:
[\w-]+_[0-9a-zA-Z]+
Minimum:
1
Maximum:
55
Update requires: No interruption