interface AdvancedSecurityOptions
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.OpenSearchService.AdvancedSecurityOptions |
 Java | software.amazon.awscdk.services.opensearchservice.AdvancedSecurityOptions |
 Python | aws_cdk.aws_opensearchservice.AdvancedSecurityOptions |
 TypeScript (source) | @aws-cdk/aws-opensearchservice » AdvancedSecurityOptions |
Specifies options for fine-grained access control.
Example
const domain = new opensearch.Domain(this, 'Domain', {
version: opensearch.EngineVersion.OPENSEARCH_1_0,
enforceHttps: true,
nodeToNodeEncryption: true,
encryptionAtRest: {
enabled: true,
},
fineGrainedAccessControl: {
masterUserName: 'master-user',
},
logging: {
auditLogEnabled: true,
slowSearchLogEnabled: true,
appLogEnabled: true,
slowIndexLogEnabled: true,
},
});
Properties
| Name | Type | Description |
|---|---|---|
| master | string | ARN for the master user. |
| master | string | Username for the master user. |
| master | Secret | Password for the master user. |
masterUserArn?
Type:
string
(optional, default: fine-grained access control is disabled)
ARN for the master user.
Only specify this or masterUserName, but not both.
masterUserName?
Type:
string
(optional, default: fine-grained access control is disabled)
Username for the master user.
Only specify this or masterUserArn, but not both.
masterUserPassword?
Type:
Secret
(optional, default: A Secrets Manager generated password)
Password for the master user.
You can use SecretValue.unsafePlainText to specify a password in plain text or
use secretsmanager.Secret.fromSecretAttributes to reference a secret in
Secrets Manager.