This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.
AWS::OpenSearchService::Domain VPCOptions
The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see Launching your Amazon OpenSearch Service domains using a VPC in the Amazon OpenSearch Service Developer Guide.
Syntax
To declare this entity in your CloudFormation template, use the following syntax:
JSON
{ "EgressEnabled" :Boolean, "SecurityGroupIds" :[ String, ... ], "SubnetIds" :[ String, ... ]}
YAML
EgressEnabled:BooleanSecurityGroupIds:- StringSubnetIds:- String
Properties
EgressEnabled-
Controls whether egress traffic from the domain is routed through the customer VPC. When
true, outbound traffic flows through the VPC. Whenfalse, outbound traffic goes through the public internet.Required: No
Type: Boolean
Update requires: No interruption
SecurityGroupIds-
The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see Security groups for your VPC in the Amazon VPC User Guide.
Required: No
Type: Array of String
Update requires: No interruption
SubnetIds-
Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see VPCs and subnets in the Amazon VPC User Guide.
If you specify more than one subnet, you must also configure
ZoneAwarenessEnabledandZoneAwarenessConfigwithin ClusterConfig, otherwise you'll see the error "You must specify exactly one subnet" during template creation.Required: No
Type: Array of String
Update requires: No interruption
See also
-
Launching your Amazon OpenSearch Service domains within a VPC in the Amazon OpenSearch Service Developer Guide.
