Class: AWSCDK::Elasticsearch::CfnDomain::DomainEndpointOptionsProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
elasticsearch/cfn_domain.rb

Overview

Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.

The AWS::Elasticsearch::Domain resource is being replaced by the AWS::OpenSearchService::Domain resource. While the legacy Elasticsearch resource and options are still supported, we recommend modifying your existing Cloudformation templates to use the new OpenSearch Service resource, which supports both OpenSearch and Elasticsearch. For more information about the service rename, see New resource types in the Amazon OpenSearch Service Developer Guide .

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(custom_endpoint: nil, custom_endpoint_certificate_arn: nil, custom_endpoint_enabled: nil, enforce_https: nil, tls_security_policy: nil) ⇒ DomainEndpointOptionsProperty

Returns a new instance of DomainEndpointOptionsProperty.

Parameters:

  • custom_endpoint (String, nil) (defaults to: nil)

    The fully qualified URL for your custom endpoint.

  • custom_endpoint_certificate_arn (String, nil) (defaults to: nil)

    The Certificate Manager ARN for your domain's SSL/TLS certificate.

  • custom_endpoint_enabled (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    True to enable a custom endpoint for the domain.

  • enforce_https (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    True to require that all traffic to the domain arrive over HTTPS.

  • tls_security_policy (String, nil) (defaults to: nil)

    The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:.



944
945
946
947
948
949
950
951
952
953
954
955
# File 'elasticsearch/cfn_domain.rb', line 944

def initialize(custom_endpoint: nil, custom_endpoint_certificate_arn: nil, custom_endpoint_enabled: nil, enforce_https: nil, tls_security_policy: nil)
  @custom_endpoint = custom_endpoint
  Jsii::Type.check_type(@custom_endpoint, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "customEndpoint") unless @custom_endpoint.nil?
  @custom_endpoint_certificate_arn = custom_endpoint_certificate_arn
  Jsii::Type.check_type(@custom_endpoint_certificate_arn, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "customEndpointCertificateArn") unless @custom_endpoint_certificate_arn.nil?
  @custom_endpoint_enabled = custom_endpoint_enabled
  Jsii::Type.check_type(@custom_endpoint_enabled, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "customEndpointEnabled") unless @custom_endpoint_enabled.nil?
  @enforce_https = enforce_https
  Jsii::Type.check_type(@enforce_https, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "enforceHttps") unless @enforce_https.nil?
  @tls_security_policy = tls_security_policy
  Jsii::Type.check_type(@tls_security_policy, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "tlsSecurityPolicy") unless @tls_security_policy.nil?
end

Instance Attribute Details

#custom_endpointString? (readonly)

The fully qualified URL for your custom endpoint.

Required if you enabled a custom endpoint for the domain.



963
964
965
# File 'elasticsearch/cfn_domain.rb', line 963

def custom_endpoint
  @custom_endpoint
end

#custom_endpoint_certificate_arnString? (readonly)

The Certificate Manager ARN for your domain's SSL/TLS certificate.

Required if you enabled a custom endpoint for the domain.



970
971
972
# File 'elasticsearch/cfn_domain.rb', line 970

def custom_endpoint_certificate_arn
  @custom_endpoint_certificate_arn
end

#custom_endpoint_enabledBoolean, ... (readonly)

True to enable a custom endpoint for the domain.

If enabled, you must also provide values for CustomEndpoint and CustomEndpointCertificateArn .



977
978
979
# File 'elasticsearch/cfn_domain.rb', line 977

def custom_endpoint_enabled
  @custom_endpoint_enabled
end

#enforce_httpsBoolean, ... (readonly)

True to require that all traffic to the domain arrive over HTTPS.



982
983
984
# File 'elasticsearch/cfn_domain.rb', line 982

def enforce_https
  @enforce_https
end

#tls_security_policyString? (readonly)

The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:.

  • Policy-Min-TLS-1-0-2019-07
  • Policy-Min-TLS-1-2-2019-07


990
991
992
# File 'elasticsearch/cfn_domain.rb', line 990

def tls_security_policy
  @tls_security_policy
end

Class Method Details

.jsii_propertiesObject



992
993
994
995
996
997
998
999
1000
# File 'elasticsearch/cfn_domain.rb', line 992

def self.jsii_properties
  {
    :custom_endpoint => "customEndpoint",
    :custom_endpoint_certificate_arn => "customEndpointCertificateArn",
    :custom_endpoint_enabled => "customEndpointEnabled",
    :enforce_https => "enforceHttps",
    :tls_security_policy => "tlsSecurityPolicy",
  }
end

Instance Method Details

#to_jsiiObject



1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
# File 'elasticsearch/cfn_domain.rb', line 1002

def to_jsii
  result = {}
  result.merge!({
    "customEndpoint" => @custom_endpoint,
    "customEndpointCertificateArn" => @custom_endpoint_certificate_arn,
    "customEndpointEnabled" => @custom_endpoint_enabled,
    "enforceHttps" => @enforce_https,
    "tlsSecurityPolicy" => @tls_security_policy,
  })
  result.compact
end