1. Packages
  2. AWS Native
  3. API Docs
  4. opensearchserverless
  5. SecurityConfig

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.100.0 published on Wednesday, Mar 27, 2024 by Pulumi

aws-native.opensearchserverless.SecurityConfig

Explore with Pulumi AI

aws-native logo

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.100.0 published on Wednesday, Mar 27, 2024 by Pulumi

    Amazon OpenSearchServerless security config resource

    Example Usage

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var testSecurityConfig = new AwsNative.OpenSearchServerless.SecurityConfig("testSecurityConfig", new()
        {
            Name = "my-provider",
            Type = AwsNative.OpenSearchServerless.SecurityConfigType.Saml,
            Description = "Serverless SAML configuration",
            SamlOptions = new AwsNative.OpenSearchServerless.Inputs.SecurityConfigSamlConfigOptionsArgs
            {
                Metadata = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
                UserAttribute = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
                GroupAttribute = "ALLGroups",
                SessionTimeout = 120,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := opensearchserverless.NewSecurityConfig(ctx, "testSecurityConfig", &opensearchserverless.SecurityConfigArgs{
    			Name:        pulumi.String("my-provider"),
    			Type:        opensearchserverless.SecurityConfigTypeSaml,
    			Description: pulumi.String("Serverless SAML configuration"),
    			SamlOptions: &opensearchserverless.SecurityConfigSamlConfigOptionsArgs{
    				Metadata:       pulumi.String("<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>"),
    				UserAttribute:  pulumi.String("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
    				GroupAttribute: pulumi.String("ALLGroups"),
    				SessionTimeout: pulumi.Int(120),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    test_security_config = aws_native.opensearchserverless.SecurityConfig("testSecurityConfig",
        name="my-provider",
        type=aws_native.opensearchserverless.SecurityConfigType.SAML,
        description="Serverless SAML configuration",
        saml_options=aws_native.opensearchserverless.SecurityConfigSamlConfigOptionsArgs(
            metadata="<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
            user_attribute="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
            group_attribute="ALLGroups",
            session_timeout=120,
        ))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const testSecurityConfig = new aws_native.opensearchserverless.SecurityConfig("testSecurityConfig", {
        name: "my-provider",
        type: aws_native.opensearchserverless.SecurityConfigType.Saml,
        description: "Serverless SAML configuration",
        samlOptions: {
            metadata: "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
            userAttribute: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
            groupAttribute: "ALLGroups",
            sessionTimeout: 120,
        },
    });
    

    Coming soon!

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var testSecurityConfig = new AwsNative.OpenSearchServerless.SecurityConfig("testSecurityConfig", new()
        {
            Name = "my-provider",
            Type = AwsNative.OpenSearchServerless.SecurityConfigType.Saml,
            Description = "Serverless SAML configuration",
            SamlOptions = new AwsNative.OpenSearchServerless.Inputs.SecurityConfigSamlConfigOptionsArgs
            {
                Metadata = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
                UserAttribute = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
                GroupAttribute = "ALLGroups",
                SessionTimeout = 120,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := opensearchserverless.NewSecurityConfig(ctx, "testSecurityConfig", &opensearchserverless.SecurityConfigArgs{
    			Name:        pulumi.String("my-provider"),
    			Type:        opensearchserverless.SecurityConfigTypeSaml,
    			Description: pulumi.String("Serverless SAML configuration"),
    			SamlOptions: &opensearchserverless.SecurityConfigSamlConfigOptionsArgs{
    				Metadata:       pulumi.String("<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>"),
    				UserAttribute:  pulumi.String("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
    				GroupAttribute: pulumi.String("ALLGroups"),
    				SessionTimeout: pulumi.Int(120),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    test_security_config = aws_native.opensearchserverless.SecurityConfig("testSecurityConfig",
        name="my-provider",
        type=aws_native.opensearchserverless.SecurityConfigType.SAML,
        description="Serverless SAML configuration",
        saml_options=aws_native.opensearchserverless.SecurityConfigSamlConfigOptionsArgs(
            metadata="<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
            user_attribute="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
            group_attribute="ALLGroups",
            session_timeout=120,
        ))
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const testSecurityConfig = new aws_native.opensearchserverless.SecurityConfig("testSecurityConfig", {
        name: "my-provider",
        type: aws_native.opensearchserverless.SecurityConfigType.Saml,
        description: "Serverless SAML configuration",
        samlOptions: {
            metadata: "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
            userAttribute: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
            groupAttribute: "ALLGroups",
            sessionTimeout: 120,
        },
    });
    

    Coming soon!

    Create SecurityConfig Resource

    new SecurityConfig(name: string, args?: SecurityConfigArgs, opts?: CustomResourceOptions);
    @overload
    def SecurityConfig(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       description: Optional[str] = None,
                       name: Optional[str] = None,
                       saml_options: Optional[SecurityConfigSamlConfigOptionsArgs] = None,
                       type: Optional[SecurityConfigType] = None)
    @overload
    def SecurityConfig(resource_name: str,
                       args: Optional[SecurityConfigArgs] = None,
                       opts: Optional[ResourceOptions] = None)
    func NewSecurityConfig(ctx *Context, name string, args *SecurityConfigArgs, opts ...ResourceOption) (*SecurityConfig, error)
    public SecurityConfig(string name, SecurityConfigArgs? args = null, CustomResourceOptions? opts = null)
    public SecurityConfig(String name, SecurityConfigArgs args)
    public SecurityConfig(String name, SecurityConfigArgs args, CustomResourceOptions options)
    
    type: aws-native:opensearchserverless:SecurityConfig
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args SecurityConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecurityConfigArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecurityConfigArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecurityConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecurityConfigArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    SecurityConfig Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The SecurityConfig resource accepts the following input properties:

    Description string
    Security config description
    Name string
    The friendly name of the security config
    SamlOptions SecurityConfigSamlConfigOptionsArgs
    Type SecurityConfigType
    description String
    Security config description
    name String
    The friendly name of the security config
    samlOptions SecurityConfigSamlConfigOptions
    type SecurityConfigType
    description string
    Security config description
    name string
    The friendly name of the security config
    samlOptions SecurityConfigSamlConfigOptions
    type SecurityConfigType
    description str
    Security config description
    name str
    The friendly name of the security config
    saml_options SecurityConfigSamlConfigOptionsArgs
    type SecurityConfigType
    description String
    Security config description
    name String
    The friendly name of the security config
    samlOptions Property Map
    type "saml"

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecurityConfig resource produces the following output properties:

    AwsId string
    The identifier of the security config
    Id string
    The provider-assigned unique ID for this managed resource.
    AwsId string
    The identifier of the security config
    Id string
    The provider-assigned unique ID for this managed resource.
    awsId String
    The identifier of the security config
    id String
    The provider-assigned unique ID for this managed resource.
    awsId string
    The identifier of the security config
    id string
    The provider-assigned unique ID for this managed resource.
    aws_id str
    The identifier of the security config
    id str
    The provider-assigned unique ID for this managed resource.
    awsId String
    The identifier of the security config
    id String
    The provider-assigned unique ID for this managed resource.

    Supporting Types

    SecurityConfigSamlConfigOptions, SecurityConfigSamlConfigOptionsArgs

    Metadata string
    The XML saml provider metadata document that you want to use
    GroupAttribute string
    Group attribute for this saml integration
    SessionTimeout int
    Defines the session timeout in minutes
    UserAttribute string
    Custom attribute for this saml integration
    Metadata string
    The XML saml provider metadata document that you want to use
    GroupAttribute string
    Group attribute for this saml integration
    SessionTimeout int
    Defines the session timeout in minutes
    UserAttribute string
    Custom attribute for this saml integration
    metadata String
    The XML saml provider metadata document that you want to use
    groupAttribute String
    Group attribute for this saml integration
    sessionTimeout Integer
    Defines the session timeout in minutes
    userAttribute String
    Custom attribute for this saml integration
    metadata string
    The XML saml provider metadata document that you want to use
    groupAttribute string
    Group attribute for this saml integration
    sessionTimeout number
    Defines the session timeout in minutes
    userAttribute string
    Custom attribute for this saml integration
    metadata str
    The XML saml provider metadata document that you want to use
    group_attribute str
    Group attribute for this saml integration
    session_timeout int
    Defines the session timeout in minutes
    user_attribute str
    Custom attribute for this saml integration
    metadata String
    The XML saml provider metadata document that you want to use
    groupAttribute String
    Group attribute for this saml integration
    sessionTimeout Number
    Defines the session timeout in minutes
    userAttribute String
    Custom attribute for this saml integration

    SecurityConfigType, SecurityConfigTypeArgs

    Saml
    saml
    SecurityConfigTypeSaml
    saml
    Saml
    saml
    Saml
    saml
    SAML
    saml
    "saml"
    saml

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    AWS Native is in preview. AWS Classic is fully supported.

    AWS Native v0.100.0 published on Wednesday, Mar 27, 2024 by Pulumi