AWS Native is in preview. AWS Classic is fully supported.
AWS Native v0.100.0 published on Wednesday, Mar 27, 2024 by Pulumi
aws-native.opensearchserverless.SecurityConfig
Explore with Pulumi AI
AWS Native is in preview. AWS Classic is fully supported.
AWS Native v0.100.0 published on Wednesday, Mar 27, 2024 by Pulumi
Amazon OpenSearchServerless security config resource
Example Usage
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var testSecurityConfig = new AwsNative.OpenSearchServerless.SecurityConfig("testSecurityConfig", new()
{
Name = "my-provider",
Type = AwsNative.OpenSearchServerless.SecurityConfigType.Saml,
Description = "Serverless SAML configuration",
SamlOptions = new AwsNative.OpenSearchServerless.Inputs.SecurityConfigSamlConfigOptionsArgs
{
Metadata = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
UserAttribute = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
GroupAttribute = "ALLGroups",
SessionTimeout = 120,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := opensearchserverless.NewSecurityConfig(ctx, "testSecurityConfig", &opensearchserverless.SecurityConfigArgs{
Name: pulumi.String("my-provider"),
Type: opensearchserverless.SecurityConfigTypeSaml,
Description: pulumi.String("Serverless SAML configuration"),
SamlOptions: &opensearchserverless.SecurityConfigSamlConfigOptionsArgs{
Metadata: pulumi.String("<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>"),
UserAttribute: pulumi.String("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
GroupAttribute: pulumi.String("ALLGroups"),
SessionTimeout: pulumi.Int(120),
},
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
test_security_config = aws_native.opensearchserverless.SecurityConfig("testSecurityConfig",
name="my-provider",
type=aws_native.opensearchserverless.SecurityConfigType.SAML,
description="Serverless SAML configuration",
saml_options=aws_native.opensearchserverless.SecurityConfigSamlConfigOptionsArgs(
metadata="<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
user_attribute="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
group_attribute="ALLGroups",
session_timeout=120,
))
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const testSecurityConfig = new aws_native.opensearchserverless.SecurityConfig("testSecurityConfig", {
name: "my-provider",
type: aws_native.opensearchserverless.SecurityConfigType.Saml,
description: "Serverless SAML configuration",
samlOptions: {
metadata: "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
userAttribute: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
groupAttribute: "ALLGroups",
sessionTimeout: 120,
},
});
Coming soon!
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var testSecurityConfig = new AwsNative.OpenSearchServerless.SecurityConfig("testSecurityConfig", new()
{
Name = "my-provider",
Type = AwsNative.OpenSearchServerless.SecurityConfigType.Saml,
Description = "Serverless SAML configuration",
SamlOptions = new AwsNative.OpenSearchServerless.Inputs.SecurityConfigSamlConfigOptionsArgs
{
Metadata = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
UserAttribute = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
GroupAttribute = "ALLGroups",
SessionTimeout = 120,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := opensearchserverless.NewSecurityConfig(ctx, "testSecurityConfig", &opensearchserverless.SecurityConfigArgs{
Name: pulumi.String("my-provider"),
Type: opensearchserverless.SecurityConfigTypeSaml,
Description: pulumi.String("Serverless SAML configuration"),
SamlOptions: &opensearchserverless.SecurityConfigSamlConfigOptionsArgs{
Metadata: pulumi.String("<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>"),
UserAttribute: pulumi.String("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
GroupAttribute: pulumi.String("ALLGroups"),
SessionTimeout: pulumi.Int(120),
},
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
test_security_config = aws_native.opensearchserverless.SecurityConfig("testSecurityConfig",
name="my-provider",
type=aws_native.opensearchserverless.SecurityConfigType.SAML,
description="Serverless SAML configuration",
saml_options=aws_native.opensearchserverless.SecurityConfigSamlConfigOptionsArgs(
metadata="<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
user_attribute="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
group_attribute="ALLGroups",
session_timeout=120,
))
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const testSecurityConfig = new aws_native.opensearchserverless.SecurityConfig("testSecurityConfig", {
name: "my-provider",
type: aws_native.opensearchserverless.SecurityConfigType.Saml,
description: "Serverless SAML configuration",
samlOptions: {
metadata: "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
userAttribute: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
groupAttribute: "ALLGroups",
sessionTimeout: 120,
},
});
Coming soon!
Create SecurityConfig Resource
new SecurityConfig(name: string, args?: SecurityConfigArgs, opts?: CustomResourceOptions);
@overload
def SecurityConfig(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
name: Optional[str] = None,
saml_options: Optional[SecurityConfigSamlConfigOptionsArgs] = None,
type: Optional[SecurityConfigType] = None)
@overload
def SecurityConfig(resource_name: str,
args: Optional[SecurityConfigArgs] = None,
opts: Optional[ResourceOptions] = None)
func NewSecurityConfig(ctx *Context, name string, args *SecurityConfigArgs, opts ...ResourceOption) (*SecurityConfig, error)
public SecurityConfig(string name, SecurityConfigArgs? args = null, CustomResourceOptions? opts = null)
public SecurityConfig(String name, SecurityConfigArgs args)
public SecurityConfig(String name, SecurityConfigArgs args, CustomResourceOptions options)
type: aws-native:opensearchserverless:SecurityConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
SecurityConfig Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The SecurityConfig resource accepts the following input properties:
- Description string
- Security config description
- Name string
- The friendly name of the security config
- Saml
Options Pulumi.Aws Native. Open Search Serverless. Inputs. Security Config Saml Config Options - Type
Pulumi.
Aws Native. Open Search Serverless. Security Config Type
- Description string
- Security config description
- Name string
- The friendly name of the security config
- Saml
Options SecurityConfig Saml Config Options Args - Type
Security
Config Type
- description String
- Security config description
- name String
- The friendly name of the security config
- saml
Options SecurityConfig Saml Config Options - type
Security
Config Type
- description string
- Security config description
- name string
- The friendly name of the security config
- saml
Options SecurityConfig Saml Config Options - type
Security
Config Type
- description str
- Security config description
- name str
- The friendly name of the security config
- saml_
options SecurityConfig Saml Config Options Args - type
Security
Config Type
- description String
- Security config description
- name String
- The friendly name of the security config
- saml
Options Property Map - type "saml"
Outputs
All input properties are implicitly available as output properties. Additionally, the SecurityConfig resource produces the following output properties:
Supporting Types
SecurityConfigSamlConfigOptions, SecurityConfigSamlConfigOptionsArgs
- Metadata string
- The XML saml provider metadata document that you want to use
- Group
Attribute string - Group attribute for this saml integration
- Session
Timeout int - Defines the session timeout in minutes
- User
Attribute string - Custom attribute for this saml integration
- Metadata string
- The XML saml provider metadata document that you want to use
- Group
Attribute string - Group attribute for this saml integration
- Session
Timeout int - Defines the session timeout in minutes
- User
Attribute string - Custom attribute for this saml integration
- metadata String
- The XML saml provider metadata document that you want to use
- group
Attribute String - Group attribute for this saml integration
- session
Timeout Integer - Defines the session timeout in minutes
- user
Attribute String - Custom attribute for this saml integration
- metadata string
- The XML saml provider metadata document that you want to use
- group
Attribute string - Group attribute for this saml integration
- session
Timeout number - Defines the session timeout in minutes
- user
Attribute string - Custom attribute for this saml integration
- metadata str
- The XML saml provider metadata document that you want to use
- group_
attribute str - Group attribute for this saml integration
- session_
timeout int - Defines the session timeout in minutes
- user_
attribute str - Custom attribute for this saml integration
- metadata String
- The XML saml provider metadata document that you want to use
- group
Attribute String - Group attribute for this saml integration
- session
Timeout Number - Defines the session timeout in minutes
- user
Attribute String - Custom attribute for this saml integration
SecurityConfigType, SecurityConfigTypeArgs
- Saml
- saml
- Security
Config Type Saml - saml
- Saml
- saml
- Saml
- saml
- SAML
- saml
- "saml"
- saml
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
AWS Native is in preview. AWS Classic is fully supported.
AWS Native v0.100.0 published on Wednesday, Mar 27, 2024 by Pulumi