AWS::OpenSearchService::Domain IdentityCenterOptions - AWS CloudFormation

AWS::OpenSearchService::Domain IdentityCenterOptions

Container for IAM Identity Center option settings.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "EnabledAPIAccess" : Boolean,
  "IdentityCenterApplicationARN" : String,
  "IdentityCenterInstanceARN" : String,
  "IdentityStoreId" : String,
  "RolesKey" : String,
  "SubjectKey" : String
}

Properties

EnabledAPIAccess

Set to true to enable IAM Identity Center for API access in Amazon OpenSearch Service.

Required: No

Type: Boolean

Update requires: No interruption

IdentityCenterApplicationARN

The ARN of the IAM Identity Center application that integrates with Amazon OpenSearch Service.

Required: No

Type: String

Pattern: ^arn:aws[a-z\\-]*:[a-z]+:[a-z0-9\\-]*:[0-9]*:[a-z0-9\\-]+\/[a-z0-9\\-]+\/[a-z0-9\\-]+

Minimum: 20

Maximum: 2048

Update requires: No interruption

IdentityCenterInstanceARN

The ARN of the IAM Identity Center instance.

Required: No

Type: String

Pattern: ^arn:aws[a-z\\-]*:[a-z]+:[a-z0-9\\-]*:[0-9]*:[a-z0-9\\-]+\/[a-z0-9\\-]+

Minimum: 20

Maximum: 2048

Update requires: No interruption

IdentityStoreId

The ID of the IAM Identity Store.

Required: No

Type: String

Pattern: ^d-[0-9a-f]{10}$|^[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}$

Minimum: 1

Maximum: 64

Update requires: No interruption

RolesKey

Specify the attribute that contains the backend role (groupName, groupID) of IAM Identity Center.

Required: No

Type: String

Allowed values: GroupName | GroupId

Update requires: No interruption

SubjectKey

Specify the attribute that contains the subject (username, userID, email) of IAM Identity Center.

Required: No

Type: String

Allowed values: UserName | UserId | Email

Update requires: No interruption
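
Added example (not part of the AWS documentation): a pre-deployment lint that checks an IdentityCenterOptions block against the patterns, length limits and allowed values listed above, so that a misspelled property or a wrong-case RolesKey or SubjectKey value is caught before the identity mapping is deployed. The function name, the sample ARNs and IDs, and the reading of the doubled backslashes in the printed patterns as string escaping are assumptions.

```python
import re

# Constraints transcribed from this page. Assumption: the doubled backslashes in
# the printed patterns are string escaping, so "\\b" is written here as \b.
STRING_RULES = {  # property: (pattern, minimum length, maximum length)
    "IdentityCenterApplicationARN": (
        r"^arn:aws[a-z\-]*:[a-z]+:[a-z0-9\-]*:[0-9]*:[a-z0-9\-]+\/[a-z0-9\-]+\/[a-z0-9\-]+",
        20, 2048),
    "IdentityCenterInstanceARN": (
        r"^arn:aws[a-z\-]*:[a-z]+:[a-z0-9\-]*:[0-9]*:[a-z0-9\-]+\/[a-z0-9\-]+",
        20, 2048),
    "IdentityStoreId": (
        r"^d-[0-9a-f]{10}$|^[0-9a-f]{8}\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\b[0-9a-f]{12}$",
        1, 64),
}
ENUM_RULES = {
    "RolesKey": {"GroupName", "GroupId"},
    "SubjectKey": {"UserName", "UserId", "Email"},
}

def lint_identity_center_options(opts):
    """Return a list of findings; an empty list means the block passes."""
    known = set(STRING_RULES) | set(ENUM_RULES) | {"EnabledAPIAccess"}
    findings = [f"{k}: not a documented property" for k in sorted(set(opts) - known)]
    if not isinstance(opts.get("EnabledAPIAccess", False), bool):
        findings.append("EnabledAPIAccess: expected a Boolean")
    for key, (pattern, lo, hi) in STRING_RULES.items():
        value = opts.get(key)
        if value is None:
            continue  # every property on this page is optional
        if not isinstance(value, str) or not lo <= len(value) <= hi:
            findings.append(f"{key}: expected a string of {lo}-{hi} characters")
        elif not re.search(pattern, value):
            findings.append(f"{key}: does not match the documented pattern")
    for key, allowed in ENUM_RULES.items():
        if key in opts and opts[key] not in allowed:  # comparison is case-sensitive
            findings.append(f"{key}: {opts[key]!r} is not one of {sorted(allowed)}")
    return findings

# Constructed sample block; the account ID, ARNs and store ID are made up.
SAMPLE = {
    "EnabledAPIAccess": True,
    "IdentityCenterInstanceARN": "arn:aws:sso:::instance/ssoins-0123456789abcdef",
    "IdentityCenterApplicationARN": "arn:aws:sso::111122223333:application/ssoins-0123456789abcdef/apl-0123456789abcdef",
    "IdentityStoreId": "d-0123456789",
    "RolesKey": "GroupName",
    "SubjectKey": "UserName",
}
```

The ARN patterns have no trailing anchor, so they are applied as prefix matches; an application ARN therefore also satisfies the instance pattern, and the lint cannot detect that particular swap.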