CfnSecurityConfigPropsMixin

class aws_cdk.mixins_preview.aws_opensearchserverless.mixins.CfnSecurityConfigPropsMixin(props, *, strategy=None)

Bases: Mixin

Specifies a security configuration for OpenSearch Serverless.

For more information, see SAML authentication for Amazon OpenSearch Serverless .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchserverless-securityconfig.html

CloudformationResource:

AWS::OpenSearchServerless::SecurityConfig

Mixin:

true

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_opensearchserverless import mixins as opensearchserverless_mixins

cfn_security_config_props_mixin = opensearchserverless_mixins.CfnSecurityConfigPropsMixin(opensearchserverless_mixins.CfnSecurityConfigMixinProps(
    description="description",
    iam_federation_options=opensearchserverless_mixins.CfnSecurityConfigPropsMixin.IamFederationConfigOptionsProperty(
        group_attribute="groupAttribute",
        user_attribute="userAttribute"
    ),
    iam_identity_center_options=opensearchserverless_mixins.CfnSecurityConfigPropsMixin.IamIdentityCenterConfigOptionsProperty(
        application_arn="applicationArn",
        application_description="applicationDescription",
        application_name="applicationName",
        group_attribute="groupAttribute",
        instance_arn="instanceArn",
        user_attribute="userAttribute"
    ),
    name="name",
    saml_options=opensearchserverless_mixins.CfnSecurityConfigPropsMixin.SamlConfigOptionsProperty(
        group_attribute="groupAttribute",
        metadata="metadata",
        open_search_serverless_entity_id="openSearchServerlessEntityId",
        session_timeout=123,
        user_attribute="userAttribute"
    ),
    type="type"
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::OpenSearchServerless::SecurityConfig.

Parameters:

• props (Union[CfnSecurityConfigMixinProps, Dict[str, Any]]) – L1 properties to apply.

• strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:

construct (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

CFN_PROPERTY_KEYS = ['description', 'iamFederationOptions', 'iamIdentityCenterOptions', 'name', 'samlOptions', 'type']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental

IamFederationConfigOptionsProperty

class CfnSecurityConfigPropsMixin.IamFederationConfigOptionsProperty(*, group_attribute=None, user_attribute=None)

Bases: object

Describes IAM federation options for an OpenSearch Serverless security configuration in the form of a key-value map.

These options define how OpenSearch Serverless integrates with external identity providers using federation.

Parameters:

• group_attribute (Optional[str]) – The group attribute for this IAM federation integration. This attribute is used to map identity provider groups to OpenSearch Serverless permissions.

• user_attribute (Optional[str]) – The user attribute for this IAM federation integration. This attribute is used to identify users in the federated authentication process.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamfederationconfigoptions.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_opensearchserverless import mixins as opensearchserverless_mixins

iam_federation_config_options_property = opensearchserverless_mixins.CfnSecurityConfigPropsMixin.IamFederationConfigOptionsProperty(
    group_attribute="groupAttribute",
    user_attribute="userAttribute"
)

Attributes

group_attribute

The group attribute for this IAM federation integration.

This attribute is used to map identity provider groups to OpenSearch Serverless permissions.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamfederationconfigoptions.html#cfn-opensearchserverless-securityconfig-iamfederationconfigoptions-groupattribute

user_attribute

The user attribute for this IAM federation integration.

This attribute is used to identify users in the federated authentication process.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamfederationconfigoptions.html#cfn-opensearchserverless-securityconfig-iamfederationconfigoptions-userattribute

IamIdentityCenterConfigOptionsProperty

class CfnSecurityConfigPropsMixin.IamIdentityCenterConfigOptionsProperty(*, application_arn=None, application_description=None, application_name=None, group_attribute=None, instance_arn=None, user_attribute=None)

Bases: object

Describes IAM Identity Center options for an OpenSearch Serverless security configuration in the form of a key-value map.

Parameters:

• application_arn (Optional[str]) – The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless.

• application_description (Optional[str]) – The description of the IAM Identity Center application used to integrate with OpenSearch Serverless.

• application_name (Optional[str]) – The name of the IAM Identity Center application used to integrate with OpenSearch Serverless.

• group_attribute (Optional[str]) – The group attribute for this IAM Identity Center integration. Defaults to GroupId .

• instance_arn (Optional[str]) – The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.

• user_attribute (Optional[str]) – The user attribute for this IAM Identity Center integration. Defaults to UserId

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamidentitycenterconfigoptions.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_opensearchserverless import mixins as opensearchserverless_mixins

iam_identity_center_config_options_property = opensearchserverless_mixins.CfnSecurityConfigPropsMixin.IamIdentityCenterConfigOptionsProperty(
    application_arn="applicationArn",
    application_description="applicationDescription",
    application_name="applicationName",
    group_attribute="groupAttribute",
    instance_arn="instanceArn",
    user_attribute="userAttribute"
)

Attributes

application_arn

The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamidentitycenterconfigoptions.html#cfn-opensearchserverless-securityconfig-iamidentitycenterconfigoptions-applicationarn

application_description

The description of the IAM Identity Center application used to integrate with OpenSearch Serverless.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamidentitycenterconfigoptions.html#cfn-opensearchserverless-securityconfig-iamidentitycenterconfigoptions-applicationdescription

application_name

The name of the IAM Identity Center application used to integrate with OpenSearch Serverless.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamidentitycenterconfigoptions.html#cfn-opensearchserverless-securityconfig-iamidentitycenterconfigoptions-applicationname

group_attribute

The group attribute for this IAM Identity Center integration.

Defaults to GroupId .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamidentitycenterconfigoptions.html#cfn-opensearchserverless-securityconfig-iamidentitycenterconfigoptions-groupattribute

instance_arn

The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamidentitycenterconfigoptions.html#cfn-opensearchserverless-securityconfig-iamidentitycenterconfigoptions-instancearn

user_attribute

The user attribute for this IAM Identity Center integration.

Defaults to UserId

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-iamidentitycenterconfigoptions.html#cfn-opensearchserverless-securityconfig-iamidentitycenterconfigoptions-userattribute

SamlConfigOptionsProperty

class CfnSecurityConfigPropsMixin.SamlConfigOptionsProperty(*, group_attribute=None, metadata=None, open_search_serverless_entity_id=None, session_timeout=None, user_attribute=None)

Bases: object

Describes SAML options for an OpenSearch Serverless security configuration in the form of a key-value map.

Parameters:

• group_attribute (Optional[str]) – The group attribute for this SAML integration.

• metadata (Optional[str]) – The XML IdP metadata file generated from your identity provider.

• open_search_serverless_entity_id (Optional[str]) – Custom entity ID attribute to override the default entity ID for this SAML integration.

• session_timeout (Union[int, float, None]) – The session timeout, in minutes. Default is 60 minutes (12 hours).

• user_attribute (Optional[str]) – A user attribute for this SAML integration.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-samlconfigoptions.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_opensearchserverless import mixins as opensearchserverless_mixins

saml_config_options_property = opensearchserverless_mixins.CfnSecurityConfigPropsMixin.SamlConfigOptionsProperty(
    group_attribute="groupAttribute",
    metadata="metadata",
    open_search_serverless_entity_id="openSearchServerlessEntityId",
    session_timeout=123,
    user_attribute="userAttribute"
)

Attributes

group_attribute

The group attribute for this SAML integration.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-samlconfigoptions.html#cfn-opensearchserverless-securityconfig-samlconfigoptions-groupattribute

metadata

The XML IdP metadata file generated from your identity provider.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-samlconfigoptions.html#cfn-opensearchserverless-securityconfig-samlconfigoptions-metadata

open_search_serverless_entity_id

Custom entity ID attribute to override the default entity ID for this SAML integration.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-samlconfigoptions.html#cfn-opensearchserverless-securityconfig-samlconfigoptions-opensearchserverlessentityid

session_timeout

The session timeout, in minutes.

Default is 60 minutes (12 hours).

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-samlconfigoptions.html#cfn-opensearchserverless-securityconfig-samlconfigoptions-sessiontimeout

user_attribute

A user attribute for this SAML integration.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchserverless-securityconfig-samlconfigoptions.html#cfn-opensearchserverless-securityconfig-samlconfigoptions-userattribute