aws-cdk-lib.aws_opensearchservice.CfnDomain.SAMLOptionsProperty

interface SAMLOptionsProperty

| Language | Type name |
| --- | --- |
| .NET | Amazon.CDK.AWS.OpenSearchService.CfnDomain.SAMLOptionsProperty |
| Go | github.com/aws/aws-cdk-go/awscdk/v2/awsopensearchservice#CfnDomain_SAMLOptionsProperty |
| Java | software.amazon.awscdk.services.opensearchservice.CfnDomain.SAMLOptionsProperty |
| Python | aws_cdk.aws_opensearchservice.CfnDomain.SAMLOptionsProperty |
| TypeScript | aws-cdk-lib » aws_opensearchservice » CfnDomain » SAMLOptionsProperty |

Container for information about the SAML configuration for OpenSearch Dashboards.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_opensearchservice as opensearchservice } from 'aws-cdk-lib';
const sAMLOptionsProperty: opensearchservice.CfnDomain.SAMLOptionsProperty = {
  enabled: false,
  idp: {
    entityId: 'entityId',
    metadataContent: 'metadataContent',
  },
  masterBackendRole: 'masterBackendRole',
  masterUserName: 'masterUserName',
  rolesKey: 'rolesKey',
  sessionTimeoutMinutes: 123,
  subjectKey: 'subjectKey',
};

Properties

| Name | Type | Description |
| --- | --- | --- |
| enabled? | boolean \| IResolvable | True to enable SAML authentication for a domain. |
| idp? | IResolvable \| IdpProperty | The SAML Identity Provider's information. |
| masterBackendRole? | string | The backend role that the SAML master user is mapped to. |
| masterUserName? | string | The SAML master user name, which is stored in the domain's internal user database. |
| rolesKey? | string | Element of the SAML assertion to use for backend roles. |
| sessionTimeoutMinutes? | number | The duration, in minutes, after which a user session becomes inactive. |
| subjectKey? | string | Element of the SAML assertion to use for the user name. |

enabled?

Type: boolean | IResolvable (optional)

True to enable SAML authentication for a domain.


idp?

Type: IResolvable | IdpProperty (optional)

The SAML Identity Provider's information.


masterBackendRole?

Type: string (optional)

The backend role that the SAML master user is mapped to.


masterUserName?

Type: string (optional)

The SAML master user name, which is stored in the domain's internal user database.


rolesKey?

Type: string (optional)

Element of the SAML assertion to use for backend roles.

Default is roles.


sessionTimeoutMinutes?

Type: number (optional)

The duration, in minutes, after which a user session becomes inactive.

Acceptable values are between 1 and 1440, and the default value is 60.


subjectKey?

Type: string (optional)

Element of the SAML assertion to use for the user name.

Default is NameID.
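
The following pre-deployment check is an added example, not part of the AWS CDK documentation or library. It resolves the defaults documented above (roles, NameID, 60 minutes), checks the 1 to 1440 session timeout range, and flags values copied unchanged from the placeholder sample on this page. The names `SamlOptionsInput`, `SamlReview` and `reviewSamlOptions` are hypothetical, the interface is a local stand-in that handles plain values only (no IResolvable tokens), and the rule that an enabled configuration needs IdP details is an assumption.

```typescript
// Local stand-in for the documented property shape (plain values only;
// IResolvable tokens are not handled in this sketch).
interface SamlOptionsInput {
  enabled?: boolean;
  idp?: { entityId: string; metadataContent: string };
  masterBackendRole?: string;
  masterUserName?: string;
  rolesKey?: string;
  sessionTimeoutMinutes?: number;
  subjectKey?: string;
}

interface SamlReview {
  rolesKey: string;
  subjectKey: string;
  sessionTimeoutMinutes: number;
  findings: string[];
}

// Hypothetical helper: applies the documented defaults and collects findings.
function reviewSamlOptions(opts: SamlOptionsInput): SamlReview {
  const findings: string[] = [];
  const timeout = opts.sessionTimeoutMinutes ?? 60; // documented default
  if (!(timeout >= 1 && timeout <= 1440)) { // also rejects NaN
    findings.push(`sessionTimeoutMinutes ${timeout} is outside 1..1440`);
  }
  // Assumption: SAML cannot work when enabled without IdP details.
  if (opts.enabled === true && (!opts.idp || !opts.idp.entityId || !opts.idp.metadataContent)) {
    findings.push('enabled is true but idp.entityId / idp.metadataContent is missing');
  }
  // The page's sample uses each key's own name as its value; catch unedited copies.
  const strings: Array<[string, string | undefined]> = [
    ['entityId', opts.idp?.entityId],
    ['metadataContent', opts.idp?.metadataContent],
    ['masterBackendRole', opts.masterBackendRole],
    ['masterUserName', opts.masterUserName],
    ['rolesKey', opts.rolesKey],
    ['subjectKey', opts.subjectKey],
  ];
  for (const [key, value] of strings) {
    if (value === key) findings.push(`${key} still holds the sample placeholder`);
  }
  return {
    rolesKey: opts.rolesKey ?? 'roles',      // documented default
    subjectKey: opts.subjectKey ?? 'NameID', // documented default
    sessionTimeoutMinutes: timeout,
    findings,
  };
}
```

Run the helper over the same object literal that is passed to the domain construct, and fail the build when `findings` is not empty.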