Interface CfnDomain.AdvancedSecurityOptionsInputProperty
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
CfnDomain.AdvancedSecurityOptionsInputProperty.Jsii$Proxy
- Enclosing class:
CfnDomain
@Stability(Stable)
public static interface CfnDomain.AdvancedSecurityOptionsInputProperty
extends software.amazon.jsii.JsiiSerializable
Specifies options for fine-grained access control.
If you specify advanced security options, you must also enable node-to-node encryption ( NodeToNodeEncryptionOptions ) and encryption at rest ( EncryptionAtRestOptions ). You must also enable EnforceHTTPS within DomainEndpointOptions , which requires HTTPS for all traffic to the domain.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.opensearchservice.*;
AdvancedSecurityOptionsInputProperty advancedSecurityOptionsInputProperty = AdvancedSecurityOptionsInputProperty.builder()
.anonymousAuthDisableDate("anonymousAuthDisableDate")
.anonymousAuthEnabled(false)
.enabled(false)
.internalUserDatabaseEnabled(false)
.masterUserOptions(MasterUserOptionsProperty.builder()
.masterUserArn("masterUserArn")
.masterUserName("masterUserName")
.masterUserPassword("masterUserPassword")
.build())
.samlOptions(SAMLOptionsProperty.builder()
.enabled(false)
.idp(IdpProperty.builder()
.entityId("entityId")
.metadataContent("metadataContent")
.build())
.masterBackendRole("masterBackendRole")
.masterUserName("masterUserName")
.rolesKey("rolesKey")
.sessionTimeoutMinutes(123)
.subjectKey("subjectKey")
.build())
.build();
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic final classA builder forCfnDomain.AdvancedSecurityOptionsInputPropertystatic final classAn implementation forCfnDomain.AdvancedSecurityOptionsInputProperty -
Method Summary
Modifier and TypeMethodDescriptionbuilder()default StringDate and time when the migration period will be disabled.default ObjectTrue to enable a 30-day migration period during which administrators can create role mappings.default ObjectTrue to enable fine-grained access control.default ObjectTrue to enable the internal user database.default ObjectSpecifies information about the master user.default ObjectContainer for information about the SAML configuration for OpenSearch Dashboards.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getAnonymousAuthDisableDate
Date and time when the migration period will be disabled.Only necessary when enabling fine-grained access control on an existing domain .
-
getAnonymousAuthEnabled
True to enable a 30-day migration period during which administrators can create role mappings.Only necessary when enabling fine-grained access control on an existing domain .
-
getEnabled
True to enable fine-grained access control.You must also enable encryption of data at rest and node-to-node encryption. See Fine-grained access control in Amazon OpenSearch Service .
-
getInternalUserDatabaseEnabled
True to enable the internal user database. -
getMasterUserOptions
Specifies information about the master user. -
getSamlOptions
Container for information about the SAML configuration for OpenSearch Dashboards. -
builder
-