SAMLOptionsInput

The SAML authentication configuration for an Amazon OpenSearch Service domain.

Contents

Enabled

True to enable SAML authentication for a domain.

Type: Boolean

Required: No

Idp

The SAML Identity Provider's information.

Type: SAMLIdp object

Required: No

MasterBackendRole

The backend role that the SAML master user is mapped to.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 256.

Required: No

MasterUserName

The SAML master user name, which is stored in the domain's internal user database.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: .*

Required: No

RolesKey

Element of the SAML assertion to use for backend roles. Default is roles.

Type: String

Required: No

SessionTimeoutMinutes

The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.

Type: Integer

Required: No

SubjectKey

Element of the SAML assertion to use for the user name. Default is NameID.

Type: String

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Java V2

• AWS SDK for Ruby V3