interface SAMLOptionsProperty
This page is available in another version. Click here for the v2 documentation.
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.OpenSearchService.CfnDomain.SAMLOptionsProperty |
 Java | software.amazon.awscdk.services.opensearchservice.CfnDomain.SAMLOptionsProperty |
 Python | aws_cdk.aws_opensearchservice.CfnDomain.SAMLOptionsProperty |
 TypeScript | @aws-cdk/aws-opensearchservice » CfnDomain » SAMLOptionsProperty |
Container for information about the SAML configuration for OpenSearch Dashboards.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as opensearchservice from '@aws-cdk/aws-opensearchservice';
const sAMLOptionsProperty: opensearchservice.CfnDomain.SAMLOptionsProperty = {
enabled: false,
idp: {
entityId: 'entityId',
metadataContent: 'metadataContent',
},
masterBackendRole: 'masterBackendRole',
masterUserName: 'masterUserName',
rolesKey: 'rolesKey',
sessionTimeoutMinutes: 123,
subjectKey: 'subjectKey',
};
Properties
| Name | Type | Description |
|---|---|---|
| enabled? | boolean | IResolvable | True to enable SAML authentication for a domain. |
| idp? | IResolvable | Idp | The SAML Identity Provider's information. |
| master | string | The backend role that the SAML master user is mapped to. |
| master | string | The SAML master user name, which is stored in the domain's internal user database. |
| roles | string | Element of the SAML assertion to use for backend roles. |
| session | number | The duration, in minutes, after which a user session becomes inactive. |
| subject | string | Element of the SAML assertion to use for the user name. |
enabled?
Type:
boolean | IResolvable
(optional)
True to enable SAML authentication for a domain.
idp?
Type:
IResolvable | Idp
(optional)
The SAML Identity Provider's information.
masterBackendRole?
Type:
string
(optional)
The backend role that the SAML master user is mapped to.
masterUserName?
Type:
string
(optional)
The SAML master user name, which is stored in the domain's internal user database.
rolesKey?
Type:
string
(optional)
Element of the SAML assertion to use for backend roles.
Default is roles .
sessionTimeoutMinutes?
Type:
number
(optional)
The duration, in minutes, after which a user session becomes inactive.
Acceptable values are between 1 and 1440, and the default value is 60.
subjectKey?
Type:
string
(optional)
Element of the SAML assertion to use for the user name.
Default is NameID .