Package software.amazon.awscdk.services.opensearchservice

Class Domain.Builder

java.lang.Object
software.amazon.awscdk.services.opensearchservice.Domain.Builder
All Implemented Interfaces:
software.amazon.jsii.Builder<Domain>
Enclosing class:
Domain
@Stability(Stable) public static final class Domain.Builder extends Object implements software.amazon.jsii.Builder<Domain>
A fluent builder for Domain.

  • Method Details

    • create

      @Stability(Stable) public static Domain.Builder create(software.constructs.Construct scope, String id)
      Parameters:
      scope - This parameter is required.
      id - This parameter is required.
      Returns:
      a new instance of Domain.Builder.

    • version

      @Stability(Stable) public Domain.Builder version(EngineVersion version)
      The Elasticsearch/OpenSearch version that your domain will leverage.

      Parameters:
      version - The Elasticsearch/OpenSearch version that your domain will leverage. This parameter is required.
      Returns:
      this

    • accessPolicies

      @Stability(Stable) public Domain.Builder accessPolicies(List<? extends PolicyStatement> accessPolicies)
      Domain access policies.

      Default: - No access policies.

      Parameters:
      accessPolicies - Domain access policies. This parameter is required.
      Returns:
      this

    • advancedOptions

      @Stability(Stable) public Domain.Builder advancedOptions(Map<String,String> advancedOptions)
      Additional options to specify for the Amazon OpenSearch Service domain.

      Default: - no advanced options are specified

      Parameters:
      advancedOptions - Additional options to specify for the Amazon OpenSearch Service domain. This parameter is required.
      Returns:
      this
      See Also:

    • automatedSnapshotStartHour

      @Stability(Stable) public Domain.Builder automatedSnapshotStartHour(Number automatedSnapshotStartHour)
      The hour in UTC during which the service takes an automated daily snapshot of the indices in the Amazon OpenSearch Service domain.

      Only applies for Elasticsearch versions below 5.3.

      Default: - Hourly automated snapshots not used

      Parameters:
      automatedSnapshotStartHour - The hour in UTC during which the service takes an automated daily snapshot of the indices in the Amazon OpenSearch Service domain. This parameter is required.
      Returns:
      this

    • capacity

      @Stability(Stable) public Domain.Builder capacity(CapacityConfig capacity)
      The cluster capacity configuration for the Amazon OpenSearch Service domain.

      Default: - 1 r5.large.search data node; no dedicated master nodes.

      Parameters:
      capacity - The cluster capacity configuration for the Amazon OpenSearch Service domain. This parameter is required.
      Returns:
      this

    • cognitoDashboardsAuth

      @Stability(Stable) public Domain.Builder cognitoDashboardsAuth(CognitoOptions cognitoDashboardsAuth)
      Configures Amazon OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.

      Default: - Cognito not used for authentication to OpenSearch Dashboards.

      Parameters:
      cognitoDashboardsAuth - Configures Amazon OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards. This parameter is required.
      Returns:
      this

    • coldStorageEnabled

      @Stability(Stable) public Domain.Builder coldStorageEnabled(Boolean coldStorageEnabled)
      Whether to enable or disable cold storage on the domain.

      You must enable UltraWarm storage to enable cold storage.

      Default: - undefined

      Parameters:
      coldStorageEnabled - Whether to enable or disable cold storage on the domain. This parameter is required.
      Returns:
      this
      See Also:

    • customEndpoint

      @Stability(Stable) public Domain.Builder customEndpoint(CustomEndpointOptions customEndpoint)
      To configure a custom domain configure these options.

      If you specify a Route53 hosted zone it will create a CNAME record and use DNS validation for the certificate

      Default: - no custom domain endpoint will be configured

      Parameters:
      customEndpoint - To configure a custom domain configure these options. This parameter is required.
      Returns:
      this

    • domainName

      @Stability(Stable) public Domain.Builder domainName(String domainName)
      Enforces a particular physical domain name.

      Default: - A name will be auto-generated.

      Parameters:
      domainName - Enforces a particular physical domain name. This parameter is required.
      Returns:
      this

    • ebs

      @Stability(Stable) public Domain.Builder ebs(EbsOptions ebs)
      The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the Amazon OpenSearch Service domain.

      Default: - 10 GiB General Purpose (SSD) volumes per node.

      Parameters:
      ebs - The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the Amazon OpenSearch Service domain. This parameter is required.
      Returns:
      this

    • enableAutoSoftwareUpdate

      @Stability(Stable) public Domain.Builder enableAutoSoftwareUpdate(Boolean enableAutoSoftwareUpdate)
      Specifies whether automatic service software updates are enabled for the domain.

      Default: - false

      Parameters:
      enableAutoSoftwareUpdate - Specifies whether automatic service software updates are enabled for the domain. This parameter is required.
      Returns:
      this
      See Also:

    • enableVersionUpgrade

      @Stability(Stable) public Domain.Builder enableVersionUpgrade(Boolean enableVersionUpgrade)
      To upgrade an Amazon OpenSearch Service domain to a new version, rather than replacing the entire domain resource, use the EnableVersionUpgrade update policy.

      Default: - false

      Parameters:
      enableVersionUpgrade - To upgrade an Amazon OpenSearch Service domain to a new version, rather than replacing the entire domain resource, use the EnableVersionUpgrade update policy. This parameter is required.
      Returns:
      this
      See Also:

    • encryptionAtRest

      @Stability(Stable) public Domain.Builder encryptionAtRest(EncryptionAtRestOptions encryptionAtRest)
      Encryption at rest options for the cluster.

      Default: - No encryption at rest

      Parameters:
      encryptionAtRest - Encryption at rest options for the cluster. This parameter is required.
      Returns:
      this

    • enforceHttps

      @Stability(Stable) public Domain.Builder enforceHttps(Boolean enforceHttps)
      True to require that all traffic to the domain arrive over HTTPS.

      Default: - false

      Parameters:
      enforceHttps - True to require that all traffic to the domain arrive over HTTPS. This parameter is required.
      Returns:
      this

    • fineGrainedAccessControl

      @Stability(Stable) public Domain.Builder fineGrainedAccessControl(AdvancedSecurityOptions fineGrainedAccessControl)
      Specifies options for fine-grained access control.

      Requires Elasticsearch version 6.7 or later or OpenSearch version 1.0 or later. Enabling fine-grained access control also requires encryption of data at rest and node-to-node encryption, along with enforced HTTPS.

      Default: - fine-grained access control is disabled

      Parameters:
      fineGrainedAccessControl - Specifies options for fine-grained access control. This parameter is required.
      Returns:
      this

    • ipAddressType

      @Stability(Stable) public Domain.Builder ipAddressType(IpAddressType ipAddressType)
      Specify either dual stack or IPv4 as your IP address type.

      Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option.

      If you set your IP address type to dual stack, you can't change your address type later.

      Default: - IpAddressType.IPV4

      Parameters:
      ipAddressType - Specify either dual stack or IPv4 as your IP address type. This parameter is required.
      Returns:
      this

    • logging

      @Stability(Stable) public Domain.Builder logging(LoggingOptions logging)
      Configuration log publishing configuration options.

      Default: - No logs are published

      Parameters:
      logging - Configuration log publishing configuration options. This parameter is required.
      Returns:
      this

    • nodeToNodeEncryption

      @Stability(Stable) public Domain.Builder nodeToNodeEncryption(Boolean nodeToNodeEncryption)
      Specify true to enable node to node encryption.

      Requires Elasticsearch version 6.0 or later or OpenSearch version 1.0 or later.

      Default: - Node to node encryption is not enabled.

      Parameters:
      nodeToNodeEncryption - Specify true to enable node to node encryption. This parameter is required.
      Returns:
      this

    • offPeakWindowEnabled

      @Stability(Stable) public Domain.Builder offPeakWindowEnabled(Boolean offPeakWindowEnabled)
      Options for enabling a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.

      Off-peak windows were introduced on February 16, 2023. All domains created before this date have the off-peak window disabled by default. You must manually enable and configure the off-peak window for these domains. All domains created after this date will have the off-peak window enabled by default. You can't disable the off-peak window for a domain after it's enabled.

      Default: - Disabled for domains created before February 16, 2023. Enabled for domains created after. Enabled if `offPeakWindowStart` is set.

      Parameters:
      offPeakWindowEnabled - Options for enabling a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain. This parameter is required.
      Returns:
      this
      See Also:

    • offPeakWindowStart

      @Stability(Stable) public Domain.Builder offPeakWindowStart(WindowStartTime offPeakWindowStart)
      Start time for the off-peak window, in Coordinated Universal Time (UTC).

      The window length will always be 10 hours, so you can't specify an end time. For example, if you specify 11:00 P.M. UTC as a start time, the end time will automatically be set to 9:00 A.M.

      Default: - 10:00 P.M. local time

      Parameters:
      offPeakWindowStart - Start time for the off-peak window, in Coordinated Universal Time (UTC). This parameter is required.
      Returns:
      this

    • removalPolicy

      @Stability(Stable) public Domain.Builder removalPolicy(RemovalPolicy removalPolicy)
      Policy to apply when the domain is removed from the stack.

      Default: RemovalPolicy.RETAIN

      Parameters:
      removalPolicy - Policy to apply when the domain is removed from the stack. This parameter is required.
      Returns:
      this

    • securityGroups

      @Stability(Stable) public Domain.Builder securityGroups(List<? extends ISecurityGroup> securityGroups)
      The list of security groups that are associated with the VPC endpoints for the domain.

      Only used if vpc is specified.

      Default: - One new security group is created.

      Parameters:
      securityGroups - The list of security groups that are associated with the VPC endpoints for the domain. This parameter is required.
      Returns:
      this
      See Also:

    • suppressLogsResourcePolicy

      @Stability(Stable) public Domain.Builder suppressLogsResourcePolicy(Boolean suppressLogsResourcePolicy)
      Specify whether to create a CloudWatch Logs resource policy or not.

      When logging is enabled for the domain, a CloudWatch Logs resource policy is created by default. However, CloudWatch Logs supports only 10 resource policies per region. If you enable logging for several domains, it may hit the quota and cause an error. By setting this property to true, creating a resource policy is suppressed, allowing you to avoid this problem.

      If you set this option to true, you must create a resource policy before deployment.

      Default: - false

      Parameters:
      suppressLogsResourcePolicy - Specify whether to create a CloudWatch Logs resource policy or not. This parameter is required.
      Returns:
      this
      See Also:

    • tlsSecurityPolicy

      @Stability(Stable) public Domain.Builder tlsSecurityPolicy(TLSSecurityPolicy tlsSecurityPolicy)
      The minimum TLS version required for traffic to the domain.

      Default: - TLSSecurityPolicy.TLS_1_0

      Parameters:
      tlsSecurityPolicy - The minimum TLS version required for traffic to the domain. This parameter is required.
      Returns:
      this

    • useUnsignedBasicAuth

      @Stability(Stable) public Domain.Builder useUnsignedBasicAuth(Boolean useUnsignedBasicAuth)
      Configures the domain so that unsigned basic auth is enabled.

      If no master user is provided a default master user with username admin and a dynamically generated password stored in KMS is created. The password can be retrieved by getting masterUserPassword from the domain instance.

      Setting this to true will also add an access policy that allows unsigned access, enable node to node encryption, encryption at rest. If conflicting settings are encountered (like disabling encryption at rest) enabling this setting will cause a failure.

      Default: - false

      Parameters:
      useUnsignedBasicAuth - Configures the domain so that unsigned basic auth is enabled. This parameter is required.
      Returns:
      this

    • vpc

      @Stability(Stable) public Domain.Builder vpc(IVpc vpc)
      Place the domain inside this VPC.

      Default: - Domain is not placed in a VPC.

      Parameters:
      vpc - Place the domain inside this VPC. This parameter is required.
      Returns:
      this
      See Also:

    • vpcSubnets

      @Stability(Stable) public Domain.Builder vpcSubnets(List<? extends SubnetSelection> vpcSubnets)
      The specific vpc subnets the domain will be placed in.

      You must provide one subnet for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain.

      Only used if vpc is specified.

      Default: - All private subnets.

      Parameters:
      vpcSubnets - The specific vpc subnets the domain will be placed in. This parameter is required.
      Returns:
      this
      See Also:

    • zoneAwareness

      @Stability(Stable) public Domain.Builder zoneAwareness(ZoneAwarenessConfig zoneAwareness)
      The cluster zone awareness configuration for the Amazon OpenSearch Service domain.

      Default: - no zone awareness (1 AZ)

      Parameters:
      zoneAwareness - The cluster zone awareness configuration for the Amazon OpenSearch Service domain. This parameter is required.
      Returns:
      this

    • build

      @Stability(Stable) public Domain build()
      Specified by:
      build in interface software.amazon.jsii.Builder<Domain>
      Returns:
      a newly built instance of Domain.