This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::OpenSearchServerless::SecurityConfig IamFederationConfigOptions Describes IAM federation options for an OpenSearch Serverless security configuration in the form of a key-value map. These options define how OpenSearch Serverless integrates with external identity providers using federation. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[GroupAttribute](#cfn-opensearchserverless-securityconfig-iamfederationconfigoptions-groupattribute)" : String, "[UserAttribute](#cfn-opensearchserverless-securityconfig-iamfederationconfigoptions-userattribute)" : String } ``` ### YAML ``` [GroupAttribute](#cfn-opensearchserverless-securityconfig-iamfederationconfigoptions-groupattribute): String [UserAttribute](#cfn-opensearchserverless-securityconfig-iamfederationconfigoptions-userattribute): String ``` ## Properties `GroupAttribute` The group attribute for this IAM federation integration. This attribute is used to map identity provider groups to OpenSearch Serverless permissions. *Required*: No *Type*: String *Pattern*: `[A-Za-z][A-Za-z0-9_.:/=+\-@]*` *Minimum*: `1` *Maximum*: `64` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `UserAttribute` The user attribute for this IAM federation integration. This attribute is used to identify users in the federated authentication process. *Required*: No *Type*: String *Pattern*: `[A-Za-z][A-Za-z0-9_.:/=+\-@]*` *Minimum*: `1` *Maximum*: `64` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)