Package software.amazon.awscdk.services.opensearchservice

Interface SAMLOptionsProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

SAMLOptionsProperty.Jsii$Proxy

@Generated(value="jsii-pacmak/1.118.0 (build 02eec31)",
           date="2025-11-04T09:27:46.096Z")
@Stability(Stable)
public interface SAMLOptionsProperty
extends software.amazon.jsii.JsiiSerializable

Container for information about the SAML configuration for OpenSearch Dashboards.

Example:

 Domain domain = Domain.Builder.create(this, "Domain")
         .version(EngineVersion.OPENSEARCH_1_0)
         .enforceHttps(true)
         .nodeToNodeEncryption(true)
         .encryptionAtRest(EncryptionAtRestOptions.builder()
                 .enabled(true)
                 .build())
         .fineGrainedAccessControl(AdvancedSecurityOptions.builder()
                 .masterUserName("master-user")
                 .samlAuthenticationEnabled(true)
                 .samlAuthenticationOptions(SAMLOptionsProperty.builder()
                         .idpEntityId("entity-id")
                         .idpMetadataContent("metadata-content-with-quotes-escaped")
                         .build())
                 .build())
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	SAMLOptionsProperty.Builder	A builder for SAMLOptionsProperty
static final class	SAMLOptionsProperty.Jsii$Proxy	An implementation for SAMLOptionsProperty

Method Summary

Modifier and Type	Method	Description
static SAMLOptionsProperty.Builder	builder()
String	getIdpEntityId()	The unique entity ID of the application in the SAML identity provider.
String	getIdpMetadataContent()	The metadata of the SAML application, in XML format.
default String	getMasterBackendRole()	The backend role that the SAML master user is mapped to.
default String	getMasterUserName()	The SAML master username, which is stored in the domain's internal user database.
default String	getRolesKey()	Element of the SAML assertion to use for backend roles.
default Number	getSessionTimeoutMinutes()	The duration, in minutes, after which a user session becomes inactive.
default String	getSubjectKey()	Element of the SAML assertion to use for the user name.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getIdpEntityId

@Stability(Stable)
@NotNull
String getIdpEntityId()

The unique entity ID of the application in the SAML identity provider.

getIdpMetadataContent

@Stability(Stable)
@NotNull
String getIdpMetadataContent()

The metadata of the SAML application, in XML format.

getMasterBackendRole

@Stability(Stable)
@Nullable
default String getMasterBackendRole()

The backend role that the SAML master user is mapped to.

Any users with this backend role receives full permission in OpenSearch Dashboards/Kibana. To use a SAML master backend role, configure the rolesKey property.

Default: - The master user is not mapped to a backend role

getMasterUserName

@Stability(Stable)
@Nullable
default String getMasterUserName()

The SAML master username, which is stored in the domain's internal user database.

This SAML user receives full permission in OpenSearch Dashboards/Kibana. Creating a new master username does not delete any existing master usernames.

Default: - No master user name is configured

getRolesKey

@Stability(Stable)
@Nullable
default String getRolesKey()

Element of the SAML assertion to use for backend roles.

Default: - roles

getSessionTimeoutMinutes

@Stability(Stable)
@Nullable
default Number getSessionTimeoutMinutes()

The duration, in minutes, after which a user session becomes inactive.

Default: - 60

getSubjectKey

@Stability(Stable)
@Nullable
default String getSubjectKey()

Element of the SAML assertion to use for the user name.

Default: - NameID element of the SAML assertion fot the user name

builder

@Stability(Stable)
static SAMLOptionsProperty.Builder builder()

Returns:

a SAMLOptionsProperty.Builder of SAMLOptionsProperty