Modifier and Type | Method and Description |
---|---|
Domain.Builder |
accessPolicies(java.util.List<? extends PolicyStatement> accessPolicies)
Domain access policies.
|
Domain.Builder |
advancedOptions(java.util.Map<java.lang.String,java.lang.String> advancedOptions)
Additional options to specify for the Amazon OpenSearch Service domain.
|
Domain.Builder |
automatedSnapshotStartHour(java.lang.Number automatedSnapshotStartHour)
The hour in UTC during which the service takes an automated daily snapshot of the indices in the Amazon OpenSearch Service domain.
|
Domain |
build() |
Domain.Builder |
capacity(CapacityConfig capacity)
The cluster capacity configuration for the Amazon OpenSearch Service domain.
|
Domain.Builder |
cognitoDashboardsAuth(CognitoOptions cognitoDashboardsAuth)
Configures Amazon OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.
|
static Domain.Builder |
create(software.constructs.Construct scope,
java.lang.String id) |
Domain.Builder |
customEndpoint(CustomEndpointOptions customEndpoint)
To configure a custom domain configure these options.
|
Domain.Builder |
domainName(java.lang.String domainName)
Enforces a particular physical domain name.
|
Domain.Builder |
ebs(EbsOptions ebs)
The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the Amazon OpenSearch Service domain.
|
Domain.Builder |
enableVersionUpgrade(java.lang.Boolean enableVersionUpgrade)
To upgrade an Amazon OpenSearch Service domain to a new version, rather than replacing the entire domain resource, use the EnableVersionUpgrade update policy.
|
Domain.Builder |
encryptionAtRest(EncryptionAtRestOptions encryptionAtRest)
Encryption at rest options for the cluster.
|
Domain.Builder |
enforceHttps(java.lang.Boolean enforceHttps)
True to require that all traffic to the domain arrive over HTTPS.
|
Domain.Builder |
fineGrainedAccessControl(AdvancedSecurityOptions fineGrainedAccessControl)
Specifies options for fine-grained access control.
|
Domain.Builder |
logging(LoggingOptions logging)
Configuration log publishing configuration options.
|
Domain.Builder |
nodeToNodeEncryption(java.lang.Boolean nodeToNodeEncryption)
Specify true to enable node to node encryption.
|
Domain.Builder |
removalPolicy(RemovalPolicy removalPolicy)
Policy to apply when the domain is removed from the stack.
|
Domain.Builder |
securityGroups(java.util.List<? extends ISecurityGroup> securityGroups)
The list of security groups that are associated with the VPC endpoints for the domain.
|
Domain.Builder |
tlsSecurityPolicy(TLSSecurityPolicy tlsSecurityPolicy)
The minimum TLS version required for traffic to the domain.
|
Domain.Builder |
useUnsignedBasicAuth(java.lang.Boolean useUnsignedBasicAuth)
Configures the domain so that unsigned basic auth is enabled.
|
Domain.Builder |
version(EngineVersion version)
The Elasticsearch/OpenSearch version that your domain will leverage.
|
Domain.Builder |
vpc(IVpc vpc)
Place the domain inside this VPC.
|
Domain.Builder |
vpcSubnets(java.util.List<? extends SubnetSelection> vpcSubnets)
The specific vpc subnets the domain will be placed in.
|
Domain.Builder |
zoneAwareness(ZoneAwarenessConfig zoneAwareness)
The cluster zone awareness configuration for the Amazon OpenSearch Service domain.
|
public static Domain.Builder create(software.constructs.Construct scope, java.lang.String id)
scope
- This parameter is required.id
- This parameter is required.Domain.Builder
.public Domain.Builder version(EngineVersion version)
version
- The Elasticsearch/OpenSearch version that your domain will leverage. This parameter is required.this
public Domain.Builder accessPolicies(java.util.List<? extends PolicyStatement> accessPolicies)
Default: - No access policies.
accessPolicies
- Domain access policies. This parameter is required.this
public Domain.Builder advancedOptions(java.util.Map<java.lang.String,java.lang.String> advancedOptions)
Default: - no advanced options are specified
advancedOptions
- Additional options to specify for the Amazon OpenSearch Service domain. This parameter is required.this
public Domain.Builder automatedSnapshotStartHour(java.lang.Number automatedSnapshotStartHour)
Only applies for Elasticsearch versions below 5.3.
Default: - Hourly automated snapshots not used
automatedSnapshotStartHour
- The hour in UTC during which the service takes an automated daily snapshot of the indices in the Amazon OpenSearch Service domain. This parameter is required.this
public Domain.Builder capacity(CapacityConfig capacity)
Default: - 1 r5.large.search data node; no dedicated master nodes.
capacity
- The cluster capacity configuration for the Amazon OpenSearch Service domain. This parameter is required.this
public Domain.Builder cognitoDashboardsAuth(CognitoOptions cognitoDashboardsAuth)
Default: - Cognito not used for authentication to OpenSearch Dashboards.
cognitoDashboardsAuth
- Configures Amazon OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards. This parameter is required.this
public Domain.Builder customEndpoint(CustomEndpointOptions customEndpoint)
If you specify a Route53 hosted zone it will create a CNAME record and use DNS validation for the certificate
Default: - no custom domain endpoint will be configured
customEndpoint
- To configure a custom domain configure these options. This parameter is required.this
public Domain.Builder domainName(java.lang.String domainName)
Default: - A name will be auto-generated.
domainName
- Enforces a particular physical domain name. This parameter is required.this
public Domain.Builder ebs(EbsOptions ebs)
Default: - 10 GiB General Purpose (SSD) volumes per node.
ebs
- The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the Amazon OpenSearch Service domain. This parameter is required.this
public Domain.Builder enableVersionUpgrade(java.lang.Boolean enableVersionUpgrade)
Default: - false
enableVersionUpgrade
- To upgrade an Amazon OpenSearch Service domain to a new version, rather than replacing the entire domain resource, use the EnableVersionUpgrade update policy. This parameter is required.this
public Domain.Builder encryptionAtRest(EncryptionAtRestOptions encryptionAtRest)
Default: - No encryption at rest
encryptionAtRest
- Encryption at rest options for the cluster. This parameter is required.this
public Domain.Builder enforceHttps(java.lang.Boolean enforceHttps)
Default: - false
enforceHttps
- True to require that all traffic to the domain arrive over HTTPS. This parameter is required.this
public Domain.Builder fineGrainedAccessControl(AdvancedSecurityOptions fineGrainedAccessControl)
Requires Elasticsearch version 6.7 or later or OpenSearch version 1.0 or later. Enabling fine-grained access control also requires encryption of data at rest and node-to-node encryption, along with enforced HTTPS.
Default: - fine-grained access control is disabled
fineGrainedAccessControl
- Specifies options for fine-grained access control. This parameter is required.this
public Domain.Builder logging(LoggingOptions logging)
Default: - No logs are published
logging
- Configuration log publishing configuration options. This parameter is required.this
public Domain.Builder nodeToNodeEncryption(java.lang.Boolean nodeToNodeEncryption)
Requires Elasticsearch version 6.0 or later or OpenSearch version 1.0 or later.
Default: - Node to node encryption is not enabled.
nodeToNodeEncryption
- Specify true to enable node to node encryption. This parameter is required.this
public Domain.Builder removalPolicy(RemovalPolicy removalPolicy)
Default: RemovalPolicy.RETAIN
removalPolicy
- Policy to apply when the domain is removed from the stack. This parameter is required.this
public Domain.Builder securityGroups(java.util.List<? extends ISecurityGroup> securityGroups)
Only used if vpc
is specified.
Default: - One new security group is created.
securityGroups
- The list of security groups that are associated with the VPC endpoints for the domain. This parameter is required.this
public Domain.Builder tlsSecurityPolicy(TLSSecurityPolicy tlsSecurityPolicy)
Default: - TLSSecurityPolicy.TLS_1_0
tlsSecurityPolicy
- The minimum TLS version required for traffic to the domain. This parameter is required.this
public Domain.Builder useUnsignedBasicAuth(java.lang.Boolean useUnsignedBasicAuth)
If no master user is provided a default master user
with username admin
and a dynamically generated password stored in KMS is created. The password can be retrieved
by getting masterUserPassword
from the domain instance.
Setting this to true will also add an access policy that allows unsigned access, enable node to node encryption, encryption at rest. If conflicting settings are encountered (like disabling encryption at rest) enabling this setting will cause a failure.
Default: - false
useUnsignedBasicAuth
- Configures the domain so that unsigned basic auth is enabled. This parameter is required.this
public Domain.Builder vpc(IVpc vpc)
Default: - Domain is not placed in a VPC.
vpc
- Place the domain inside this VPC. This parameter is required.this
public Domain.Builder vpcSubnets(java.util.List<? extends SubnetSelection> vpcSubnets)
You must provide one subnet for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain.
Only used if vpc
is specified.
Default: - All private subnets.
vpcSubnets
- The specific vpc subnets the domain will be placed in. This parameter is required.this
public Domain.Builder zoneAwareness(ZoneAwarenessConfig zoneAwareness)
Default: - no zone awareness (1 AZ)
zoneAwareness
- The cluster zone awareness configuration for the Amazon OpenSearch Service domain. This parameter is required.this
public Domain build()