AWS::OpenSearchService::Domain DomainEndpointOptions
Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "CustomEndpoint" :
String
, "CustomEndpointCertificateArn" :String
, "CustomEndpointEnabled" :Boolean
, "EnforceHTTPS" :Boolean
, "TLSSecurityPolicy" :String
}
YAML
CustomEndpoint:
String
CustomEndpointCertificateArn:String
CustomEndpointEnabled:Boolean
EnforceHTTPS:Boolean
TLSSecurityPolicy:String
Properties
CustomEndpoint
The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.
Required: Conditional
Type: String
Pattern:
^(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])$
Minimum:
1
Maximum:
255
Update requires: No interruption
CustomEndpointCertificateArn
The Amazon Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.
Required: Conditional
Type: String
Update requires: No interruption
CustomEndpointEnabled
True to enable a custom endpoint for the domain. If enabled, you must also provide values for
CustomEndpoint
andCustomEndpointCertificateArn
.Required: No
Type: Boolean
Update requires: No interruption
EnforceHTTPS
True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in AdvancedSecurityOptions.
Required: Conditional
Type: Boolean
Update requires: Some interruptions
TLSSecurityPolicy
The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:
Policy-Min-TLS-1-0-2019-07
Policy-Min-TLS-1-2-2019-07
Required: No
Type: String
Allowed values:
Policy-Min-TLS-1-0-2019-07 | Policy-Min-TLS-1-2-2019-07
Update requires: No interruption