AWS::Elasticsearch::Domain DomainEndpointOptions - AWS CloudFormation

AWS::Elasticsearch::Domain DomainEndpointOptions

Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.

Important

The AWS::Elasticsearch::Domain resource is being replaced by the AWS::OpenSearchService::Domain resource. While the legacy Elasticsearch resource and options are still supported, we recommend modifying your existing Cloudformation templates to use the new OpenSearch Service resource, which supports both OpenSearch and Elasticsearch. For more information about the service rename, see New resource types in the Amazon OpenSearch Service Developer Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "CustomEndpoint" : String, "CustomEndpointCertificateArn" : String, "CustomEndpointEnabled" : Boolean, "EnforceHTTPS" : Boolean, "TLSSecurityPolicy" : String }

Properties

CustomEndpoint

The fully qualified URL for your custom endpoint.

Required: No

Type: String

Update requires: No interruption

CustomEndpointCertificateArn

The AWS Certificate Manager ARN for your domain's SSL/TLS certificate.

Required: No

Type: String

Update requires: No interruption

CustomEndpointEnabled

True to enable a custom endpoint for the domain. If enabled, you must also provide values for CustomEndpoint and CustomEndpointCertificateArn.

Required: No

Type: Boolean

Update requires: No interruption

EnforceHTTPS

True to require that all traffic to the domain arrive over HTTPS.

Required: No

Type: Boolean

Update requires: No interruption

TLSSecurityPolicy

The minimum TLS version required for traffic to the domain. Valid values are TLS 1.0 (default) or 1.2:

  • Policy-Min-TLS-1-0-2019-07

  • Policy-Min-TLS-1-2-2019-07

Required: No

Type: String

Update requires: No interruption