Class: AWSCDK::OpenSearchService::AdvancedSecurityOptions

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
open_search_service/advanced_security_options.rb

Overview

Specifies options for fine-grained access control.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(master_user_arn: nil, master_user_name: nil, master_user_password: nil, saml_authentication_enabled: nil, saml_authentication_options: nil) ⇒ AdvancedSecurityOptions

Returns a new instance of AdvancedSecurityOptions.

Parameters:

  • master_user_arn (String, nil) (defaults to: nil)

    ARN for the master user.

  • master_user_name (String, nil) (defaults to: nil)

    Username for the master user.

  • master_user_password (AWSCDK::SecretValue, nil) (defaults to: nil)

    Password for the master user.

  • saml_authentication_enabled (Boolean, nil) (defaults to: nil)

    True to enable SAML authentication for a domain.

  • saml_authentication_options (AWSCDK::OpenSearchService::SAMLOptionsProperty, nil) (defaults to: nil)

    Container for information about the SAML configuration for OpenSearch Dashboards.



12
13
14
15
16
17
18
19
20
21
22
23
# File 'open_search_service/advanced_security_options.rb', line 12

def initialize(master_user_arn: nil, master_user_name: nil, master_user_password: nil, saml_authentication_enabled: nil, saml_authentication_options: nil)
  @master_user_arn = master_user_arn
  Jsii::Type.check_type(@master_user_arn, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "masterUserArn") unless @master_user_arn.nil?
  @master_user_name = master_user_name
  Jsii::Type.check_type(@master_user_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "masterUserName") unless @master_user_name.nil?
  @master_user_password = master_user_password
  Jsii::Type.check_type(@master_user_password, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5TZWNyZXRWYWx1ZSJ9")), "masterUserPassword") unless @master_user_password.nil?
  @saml_authentication_enabled = saml_authentication_enabled
  Jsii::Type.check_type(@saml_authentication_enabled, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "samlAuthenticationEnabled") unless @saml_authentication_enabled.nil?
  @saml_authentication_options = saml_authentication_options.is_a?(Hash) ? ::AWSCDK::OpenSearchService::SAMLOptionsProperty.new(**saml_authentication_options.transform_keys(&:to_sym)) : saml_authentication_options
  Jsii::Type.check_type(@saml_authentication_options, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3Nfb3BlbnNlYXJjaHNlcnZpY2UuU0FNTE9wdGlvbnNQcm9wZXJ0eSJ9")), "samlAuthenticationOptions") unless @saml_authentication_options.nil?
end

Instance Attribute Details

#master_user_arnString? (readonly)

Note:

Default: - fine-grained access control is disabled

ARN for the master user.

Only specify this or masterUserName, but not both.

Returns:

  • (String, nil)


31
32
33
# File 'open_search_service/advanced_security_options.rb', line 31

def master_user_arn
  @master_user_arn
end

#master_user_nameString? (readonly)

Note:

Default: - fine-grained access control is disabled

Username for the master user.

Only specify this or masterUserArn, but not both.

Returns:

  • (String, nil)


38
39
40
# File 'open_search_service/advanced_security_options.rb', line 38

def master_user_name
  @master_user_name
end

#master_user_passwordAWSCDK::SecretValue? (readonly)

Note:

Default: - A Secrets Manager generated password

Password for the master user.

You can use SecretValue.unsafePlainText to specify a password in plain text or use secretsmanager.Secret.fromSecretAttributes to reference a secret in Secrets Manager.

Returns:



47
48
49
# File 'open_search_service/advanced_security_options.rb', line 47

def master_user_password
  @master_user_password
end

#saml_authentication_enabledBoolean? (readonly)

Note:

Default: - SAML authentication is disabled. Enabled if samlAuthenticationOptions is set.

True to enable SAML authentication for a domain.



53
54
55
# File 'open_search_service/advanced_security_options.rb', line 53

def saml_authentication_enabled
  @saml_authentication_enabled
end

#saml_authentication_optionsAWSCDK::OpenSearchService::SAMLOptionsProperty? (readonly)

Note:

Default: - no SAML authentication options

Container for information about the SAML configuration for OpenSearch Dashboards.

If set, saml_authentication_enabled will be enabled.



60
61
62
# File 'open_search_service/advanced_security_options.rb', line 60

def saml_authentication_options
  @saml_authentication_options
end

Class Method Details

.jsii_propertiesObject



62
63
64
65
66
67
68
69
70
# File 'open_search_service/advanced_security_options.rb', line 62

def self.jsii_properties
  {
    :master_user_arn => "masterUserArn",
    :master_user_name => "masterUserName",
    :master_user_password => "masterUserPassword",
    :saml_authentication_enabled => "samlAuthenticationEnabled",
    :saml_authentication_options => "samlAuthenticationOptions",
  }
end

Instance Method Details

#to_jsiiObject



72
73
74
75
76
77
78
79
80
81
82
# File 'open_search_service/advanced_security_options.rb', line 72

def to_jsii
  result = {}
  result.merge!({
    "masterUserArn" => @master_user_arn,
    "masterUserName" => @master_user_name,
    "masterUserPassword" => @master_user_password,
    "samlAuthenticationEnabled" => @saml_authentication_enabled,
    "samlAuthenticationOptions" => @saml_authentication_options,
  })
  result.compact
end