AWS::OpenSearchService::Domain DomainEndpointOptions

Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "CustomEndpoint" : String,
  "CustomEndpointCertificateArn" : String,
  "CustomEndpointEnabled" : Boolean,
  "EnforceHTTPS" : Boolean,
  "TLSSecurityPolicy" : String
}

YAML


  CustomEndpoint: String
  CustomEndpointCertificateArn: String
  CustomEndpointEnabled: Boolean
  EnforceHTTPS: Boolean
  TLSSecurityPolicy: String

Properties

CustomEndpoint

The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.

Required: Conditional

Type: String

Pattern: ^(((?!-)[A-Za-z0-9-]{0,62}[A-Za-z0-9])\.)+((?!-)[A-Za-z0-9-]{1,62}[A-Za-z0-9])$

Minimum: 1

Maximum: 255

Update requires: No interruption

CustomEndpointCertificateArn

The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.

Required: Conditional

Type: String

Update requires: No interruption

CustomEndpointEnabled

True to enable a custom endpoint for the domain. If enabled, you must also provide values for CustomEndpoint and CustomEndpointCertificateArn.

Required: No

Type: Boolean

Update requires: No interruption

EnforceHTTPS

True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in AdvancedSecurityOptions.

Required: Conditional

Type: Boolean

Update requires: Some interruptions

TLSSecurityPolicy

The minimum TLS version required for traffic to the domain. The policy can be one of the following values:

Policy-Min-TLS-1-0-2019-07: TLS security policy that supports TLS version 1.0 to TLS version 1.2
Policy-Min-TLS-1-2-2019-07: TLS security policy that supports only TLS version 1.2
Policy-Min-TLS-1-2-PFS-2023-10: TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites

Required: No

Type: String

Allowed values: Policy-Min-TLS-1-0-2019-07 | Policy-Min-TLS-1-2-2019-07 | Policy-Min-TLS-1-2-PFS-2023-10

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

ColdStorageOptions

EBSOptions