AWS::OpenSearchService::Domain SAMLOptions
Container for information about the SAML configuration for OpenSearch Dashboards.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Enabled" :Boolean, "Idp" :Idp, "MasterBackendRole" :String, "MasterUserName" :String, "RolesKey" :String, "SessionTimeoutMinutes" :Integer, "SubjectKey" :String}
YAML
Enabled:BooleanIdp:IdpMasterBackendRole:StringMasterUserName:StringRolesKey:StringSessionTimeoutMinutes:IntegerSubjectKey:String
Properties
Enabled-
True to enable SAML authentication for a domain.
Required: No
Type: Boolean
Update requires: No interruption
Idp-
The SAML Identity Provider's information.
Required: No
Type: Idp
Update requires: No interruption
MasterBackendRole-
The backend role that the SAML master user is mapped to.
Required: No
Type: String
Minimum:
1Maximum:
256Update requires: No interruption
MasterUserName-
The SAML master user name, which is stored in the domain's internal user database.
Required: No
Type: String
Pattern:
.*Minimum:
1Maximum:
64Update requires: No interruption
RolesKey-
Element of the SAML assertion to use for backend roles. Default is
roles.Required: No
Type: String
Update requires: No interruption
SessionTimeoutMinutes-
The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.
Required: No
Type: Integer
Update requires: No interruption
SubjectKey-
Element of the SAML assertion to use for the user name. Default is
NameID.Required: No
Type: String
Update requires: No interruption
