aws-cdk-lib.aws_elasticsearch.AdvancedSecurityOptions

interface AdvancedSecurityOptions ⚠️

LanguageType name
.NETAmazon.CDK.AWS.Elasticsearch.AdvancedSecurityOptions
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awselasticsearch#AdvancedSecurityOptions
Javasoftware.amazon.awscdk.services.elasticsearch.AdvancedSecurityOptions
Pythonaws_cdk.aws_elasticsearch.AdvancedSecurityOptions
TypeScript (source)aws-cdk-lib » aws_elasticsearch » AdvancedSecurityOptions

⚠️ Deprecated: use opensearchservice module instead

Specifies options for fine-grained access control.

Example

const domain = new es.Domain(this, 'Domain', {
  version: es.ElasticsearchVersion.V7_1,
  enforceHttps: true,
  nodeToNodeEncryption: true,
  encryptionAtRest: {
    enabled: true,
  },
  fineGrainedAccessControl: {
    masterUserName: 'master-user',
  },
});

const masterUserPassword = domain.masterUserPassword;

Properties

NameTypeDescription
masterUserArn?⚠️stringARN for the master user.
masterUserName?⚠️stringUsername for the master user.
masterUserPassword?⚠️SecretValuePassword for the master user.

masterUserArn?⚠️

⚠️ Deprecated: use opensearchservice module instead

Type: string (optional, default: fine-grained access control is disabled)

ARN for the master user.

Only specify this or masterUserName, but not both.


masterUserName?⚠️

⚠️ Deprecated: use opensearchservice module instead

Type: string (optional, default: fine-grained access control is disabled)

Username for the master user.

Only specify this or masterUserArn, but not both.


masterUserPassword?⚠️

⚠️ Deprecated: use opensearchservice module instead

Type: SecretValue (optional, default: A Secrets Manager generated password)

Password for the master user.

You can use SecretValue.unsafePlainText to specify a password in plain text or use secretsmanager.Secret.fromSecretAttributes to reference a secret in Secrets Manager.