AdvancedSecurityOptions
- class aws_cdk.aws_opensearchservice.AdvancedSecurityOptions(*, master_user_arn=None, master_user_name=None, master_user_password=None)
Bases:
objectSpecifies options for fine-grained access control.
- Parameters:
master_user_arn (
Optional[str]) – ARN for the master user. Only specify this or masterUserName, but not both. Default: - fine-grained access control is disabledmaster_user_name (
Optional[str]) – Username for the master user. Only specify this or masterUserArn, but not both. Default: - fine-grained access control is disabledmaster_user_password (
Optional[SecretValue]) – Password for the master user. You can useSecretValue.unsafePlainTextto specify a password in plain text or usesecretsmanager.Secret.fromSecretAttributesto reference a secret in Secrets Manager. Default: - A Secrets Manager generated password
- ExampleMetadata:
infused
Example:
domain = opensearch.Domain(self, "Domain", version=opensearch.EngineVersion.OPENSEARCH_1_0, enforce_https=True, node_to_node_encryption=True, encryption_at_rest=opensearch.EncryptionAtRestOptions( enabled=True ), fine_grained_access_control=opensearch.AdvancedSecurityOptions( master_user_name="master-user" ), logging=opensearch.LoggingOptions( audit_log_enabled=True, slow_search_log_enabled=True, app_log_enabled=True, slow_index_log_enabled=True ) )
Attributes
- master_user_arn
ARN for the master user.
Only specify this or masterUserName, but not both.
- Default:
fine-grained access control is disabled
- master_user_name
Username for the master user.
Only specify this or masterUserArn, but not both.
- Default:
fine-grained access control is disabled
- master_user_password
Password for the master user.
You can use
SecretValue.unsafePlainTextto specify a password in plain text or usesecretsmanager.Secret.fromSecretAttributesto reference a secret in Secrets Manager.- Default:
A Secrets Manager generated password