AWS::OpenSearchService::Domain DomainEndpointOptions
Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "CustomEndpoint" :String, "CustomEndpointCertificateArn" :String, "CustomEndpointEnabled" :Boolean, "EnforceHTTPS" :Boolean, "TLSSecurityPolicy" :String}
YAML
CustomEndpoint:StringCustomEndpointCertificateArn:StringCustomEndpointEnabled:BooleanEnforceHTTPS:BooleanTLSSecurityPolicy:String
Properties
CustomEndpointThe fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.
Required: Conditional
Type: String
Pattern:
^(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])$Minimum:
1Maximum:
255Update requires: No interruption
CustomEndpointCertificateArnThe Amazon Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.
Required: Conditional
Type: String
Update requires: No interruption
CustomEndpointEnabledTrue to enable a custom endpoint for the domain. If enabled, you must also provide values for
CustomEndpointandCustomEndpointCertificateArn.Required: No
Type: Boolean
Update requires: No interruption
EnforceHTTPSTrue to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in AdvancedSecurityOptions.
Required: Conditional
Type: Boolean
Update requires: Some interruptions
TLSSecurityPolicyThe minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:
Policy-Min-TLS-1-0-2019-07Policy-Min-TLS-1-2-2019-07
Required: No
Type: String
Allowed values:
Policy-Min-TLS-1-0-2019-07 | Policy-Min-TLS-1-2-2019-07Update requires: No interruption