AWS::OpenSearchService::Domain SAMLOptions - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::OpenSearchService::Domain SAMLOptions

Container for information about the SAML configuration for OpenSearch Dashboards.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "Enabled" : Boolean, "Idp" : Idp, "MasterBackendRole" : String, "MasterUserName" : String, "RolesKey" : String, "SessionTimeoutMinutes" : Integer, "SubjectKey" : String }

YAML

Enabled: Boolean Idp: Idp MasterBackendRole: String MasterUserName: String RolesKey: String SessionTimeoutMinutes: Integer SubjectKey: String

Properties

Enabled

True to enable SAML authentication for a domain.

Required: No

Type: Boolean

Update requires: No interruption

Idp

The SAML Identity Provider's information.

Required: No

Type: Idp

Update requires: No interruption

MasterBackendRole

The backend role that the SAML master user is mapped to.

Required: No

Type: String

Minimum: 1

Maximum: 256

Update requires: No interruption

MasterUserName

The SAML master user name, which is stored in the domain's internal user database.

Required: No

Type: String

Minimum: 1

Maximum: 64

Pattern: .*

Update requires: No interruption

RolesKey

Element of the SAML assertion to use for backend roles. Default is roles.

Required: No

Type: String

Update requires: No interruption

SessionTimeoutMinutes

The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.

Required: No

Type: Integer

Update requires: No interruption

SubjectKey

Element of the SAML assertion to use for the user name. Default is NameID.

Required: No

Type: String

Update requires: No interruption