AWS Classic v5.41.0, May 15 23

aws.elasticsearch.DomainSamlOptions

Explore with Pulumi AI

Manages SAML authentication options for an AWS Elasticsearch Domain.

Example Usage

Basic Usage

using System.Collections.Generic;
using System.IO;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var exampleDomain = new Aws.ElasticSearch.Domain("exampleDomain", new()
    {
        ElasticsearchVersion = "1.5",
        ClusterConfig = new Aws.ElasticSearch.Inputs.DomainClusterConfigArgs
        {
            InstanceType = "r4.large.elasticsearch",
        },
        SnapshotOptions = new Aws.ElasticSearch.Inputs.DomainSnapshotOptionsArgs
        {
            AutomatedSnapshotStartHour = 23,
        },
        Tags = 
        {
            { "Domain", "TestDomain" },
        },
    });

    var exampleDomainSamlOptions = new Aws.ElasticSearch.DomainSamlOptions("exampleDomainSamlOptions", new()
    {
        DomainName = exampleDomain.DomainName,
        SamlOptions = new Aws.ElasticSearch.Inputs.DomainSamlOptionsSamlOptionsArgs
        {
            Enabled = true,
            Idp = new Aws.ElasticSearch.Inputs.DomainSamlOptionsSamlOptionsIdpArgs
            {
                EntityId = "https://example.com",
                MetadataContent = File.ReadAllText("./saml-metadata.xml"),
            },
        },
    });

});

package main

import (
	"os"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/elasticsearch"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleDomain, err := elasticsearch.NewDomain(ctx, "exampleDomain", &elasticsearch.DomainArgs{
			ElasticsearchVersion: pulumi.String("1.5"),
			ClusterConfig: &elasticsearch.DomainClusterConfigArgs{
				InstanceType: pulumi.String("r4.large.elasticsearch"),
			},
			SnapshotOptions: &elasticsearch.DomainSnapshotOptionsArgs{
				AutomatedSnapshotStartHour: pulumi.Int(23),
			},
			Tags: pulumi.StringMap{
				"Domain": pulumi.String("TestDomain"),
			},
		})
		if err != nil {
			return err
		}
		_, err = elasticsearch.NewDomainSamlOptions(ctx, "exampleDomainSamlOptions", &elasticsearch.DomainSamlOptionsArgs{
			DomainName: exampleDomain.DomainName,
			SamlOptions: &elasticsearch.DomainSamlOptionsSamlOptionsArgs{
				Enabled: pulumi.Bool(true),
				Idp: &elasticsearch.DomainSamlOptionsSamlOptionsIdpArgs{
					EntityId:        pulumi.String("https://example.com"),
					MetadataContent: readFileOrPanic("./saml-metadata.xml"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.elasticsearch.Domain;
import com.pulumi.aws.elasticsearch.DomainArgs;
import com.pulumi.aws.elasticsearch.inputs.DomainClusterConfigArgs;
import com.pulumi.aws.elasticsearch.inputs.DomainSnapshotOptionsArgs;
import com.pulumi.aws.elasticsearch.DomainSamlOptions;
import com.pulumi.aws.elasticsearch.DomainSamlOptionsArgs;
import com.pulumi.aws.elasticsearch.inputs.DomainSamlOptionsSamlOptionsArgs;
import com.pulumi.aws.elasticsearch.inputs.DomainSamlOptionsSamlOptionsIdpArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleDomain = new Domain("exampleDomain", DomainArgs.builder()        
            .elasticsearchVersion("1.5")
            .clusterConfig(DomainClusterConfigArgs.builder()
                .instanceType("r4.large.elasticsearch")
                .build())
            .snapshotOptions(DomainSnapshotOptionsArgs.builder()
                .automatedSnapshotStartHour(23)
                .build())
            .tags(Map.of("Domain", "TestDomain"))
            .build());

        var exampleDomainSamlOptions = new DomainSamlOptions("exampleDomainSamlOptions", DomainSamlOptionsArgs.builder()        
            .domainName(exampleDomain.domainName())
            .samlOptions(DomainSamlOptionsSamlOptionsArgs.builder()
                .enabled(true)
                .idp(DomainSamlOptionsSamlOptionsIdpArgs.builder()
                    .entityId("https://example.com")
                    .metadataContent(Files.readString(Paths.get("./saml-metadata.xml")))
                    .build())
                .build())
            .build());

    }
}

import pulumi
import pulumi_aws as aws

example_domain = aws.elasticsearch.Domain("exampleDomain",
    elasticsearch_version="1.5",
    cluster_config=aws.elasticsearch.DomainClusterConfigArgs(
        instance_type="r4.large.elasticsearch",
    ),
    snapshot_options=aws.elasticsearch.DomainSnapshotOptionsArgs(
        automated_snapshot_start_hour=23,
    ),
    tags={
        "Domain": "TestDomain",
    })
example_domain_saml_options = aws.elasticsearch.DomainSamlOptions("exampleDomainSamlOptions",
    domain_name=example_domain.domain_name,
    saml_options=aws.elasticsearch.DomainSamlOptionsSamlOptionsArgs(
        enabled=True,
        idp=aws.elasticsearch.DomainSamlOptionsSamlOptionsIdpArgs(
            entity_id="https://example.com",
            metadata_content=(lambda path: open(path).read())("./saml-metadata.xml"),
        ),
    ))

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as fs from "fs";

const exampleDomain = new aws.elasticsearch.Domain("exampleDomain", {
    elasticsearchVersion: "1.5",
    clusterConfig: {
        instanceType: "r4.large.elasticsearch",
    },
    snapshotOptions: {
        automatedSnapshotStartHour: 23,
    },
    tags: {
        Domain: "TestDomain",
    },
});
const exampleDomainSamlOptions = new aws.elasticsearch.DomainSamlOptions("exampleDomainSamlOptions", {
    domainName: exampleDomain.domainName,
    samlOptions: {
        enabled: true,
        idp: {
            entityId: "https://example.com",
            metadataContent: fs.readFileSync("./saml-metadata.xml"),
        },
    },
});

resources:
  exampleDomain:
    type: aws:elasticsearch:Domain
    properties:
      elasticsearchVersion: '1.5'
      clusterConfig:
        instanceType: r4.large.elasticsearch
      snapshotOptions:
        automatedSnapshotStartHour: 23
      tags:
        Domain: TestDomain
  exampleDomainSamlOptions:
    type: aws:elasticsearch:DomainSamlOptions
    properties:
      domainName: ${exampleDomain.domainName}
      samlOptions:
        enabled: true
        idp:
          entityId: https://example.com
          metadataContent:
            fn::readFile: ./saml-metadata.xml

Create DomainSamlOptions Resource

new DomainSamlOptions(name: string, args: DomainSamlOptionsArgs, opts?: CustomResourceOptions);

@overload
def DomainSamlOptions(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      domain_name: Optional[str] = None,
                      saml_options: Optional[DomainSamlOptionsSamlOptionsArgs] = None)
@overload
def DomainSamlOptions(resource_name: str,
                      args: DomainSamlOptionsArgs,
                      opts: Optional[ResourceOptions] = None)

func NewDomainSamlOptions(ctx *Context, name string, args DomainSamlOptionsArgs, opts ...ResourceOption) (*DomainSamlOptions, error)

public DomainSamlOptions(string name, DomainSamlOptionsArgs args, CustomResourceOptions? opts = null)

public DomainSamlOptions(String name, DomainSamlOptionsArgs args)
public DomainSamlOptions(String name, DomainSamlOptionsArgs args, CustomResourceOptions options)

type: aws:elasticsearch:DomainSamlOptions
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args DomainSamlOptionsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args DomainSamlOptionsArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args DomainSamlOptionsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args DomainSamlOptionsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args DomainSamlOptionsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

DomainSamlOptions Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The DomainSamlOptions resource accepts the following input properties:

DomainName string: Name of the domain.
SamlOptions DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

DomainName string: Name of the domain.
SamlOptions DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

domainName String: Name of the domain.
samlOptions DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

domainName string: Name of the domain.
samlOptions DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

domain_name str: Name of the domain.
saml_options DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

domainName String: Name of the domain.
samlOptions Property Map: The SAML authentication options for an AWS Elasticsearch Domain.

Outputs

All input properties are implicitly available as output properties. Additionally, the DomainSamlOptions resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing DomainSamlOptions Resource

Get an existing DomainSamlOptions resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: DomainSamlOptionsState, opts?: CustomResourceOptions): DomainSamlOptions

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        domain_name: Optional[str] = None,
        saml_options: Optional[DomainSamlOptionsSamlOptionsArgs] = None) -> DomainSamlOptions

func GetDomainSamlOptions(ctx *Context, name string, id IDInput, state *DomainSamlOptionsState, opts ...ResourceOption) (*DomainSamlOptions, error)

public static DomainSamlOptions Get(string name, Input<string> id, DomainSamlOptionsState? state, CustomResourceOptions? opts = null)

public static DomainSamlOptions get(String name, Output<String> id, DomainSamlOptionsState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

DomainName string: Name of the domain.
SamlOptions DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

DomainName string: Name of the domain.
SamlOptions DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

domainName String: Name of the domain.
samlOptions DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

domainName string: Name of the domain.
samlOptions DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

domain_name str: Name of the domain.
saml_options DomainSamlOptionsSamlOptionsArgs: The SAML authentication options for an AWS Elasticsearch Domain.

domainName String: Name of the domain.
samlOptions Property Map: The SAML authentication options for an AWS Elasticsearch Domain.

Supporting Types

DomainSamlOptionsSamlOptions

Enabled bool: Whether SAML authentication is enabled.
Idp DomainSamlOptionsSamlOptionsIdp: Information from your identity provider.
MasterBackendRole string: This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
MasterUserName string: This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
RolesKey string: Element of the SAML assertion to use for backend roles. Default is roles.
SessionTimeoutMinutes int: Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.
SubjectKey string: Custom SAML attribute to use for user names. Default is an empty string - "". This will cause Elasticsearch to use the NameID element of the Subject, which is the default location for name identifiers in the SAML specification.

Enabled bool: Whether SAML authentication is enabled.
Idp DomainSamlOptionsSamlOptionsIdp: Information from your identity provider.
MasterBackendRole string: This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
MasterUserName string: This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
RolesKey string: Element of the SAML assertion to use for backend roles. Default is roles.
SessionTimeoutMinutes int: Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.
SubjectKey string: Custom SAML attribute to use for user names. Default is an empty string - "". This will cause Elasticsearch to use the NameID element of the Subject, which is the default location for name identifiers in the SAML specification.

enabled Boolean: Whether SAML authentication is enabled.
idp DomainSamlOptionsSamlOptionsIdp: Information from your identity provider.
masterBackendRole String: This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
masterUserName String: This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
rolesKey String: Element of the SAML assertion to use for backend roles. Default is roles.
sessionTimeoutMinutes Integer: Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.
subjectKey String: Custom SAML attribute to use for user names. Default is an empty string - "". This will cause Elasticsearch to use the NameID element of the Subject, which is the default location for name identifiers in the SAML specification.

enabled boolean: Whether SAML authentication is enabled.
idp DomainSamlOptionsSamlOptionsIdp: Information from your identity provider.
masterBackendRole string: This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
masterUserName string: This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
rolesKey string: Element of the SAML assertion to use for backend roles. Default is roles.
sessionTimeoutMinutes number: Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.
subjectKey string: Custom SAML attribute to use for user names. Default is an empty string - "". This will cause Elasticsearch to use the NameID element of the Subject, which is the default location for name identifiers in the SAML specification.

enabled bool: Whether SAML authentication is enabled.
idp DomainSamlOptionsSamlOptionsIdp: Information from your identity provider.
master_backend_role str: This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
master_user_name str: This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
roles_key str: Element of the SAML assertion to use for backend roles. Default is roles.
session_timeout_minutes int: Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.
subject_key str: Custom SAML attribute to use for user names. Default is an empty string - "". This will cause Elasticsearch to use the NameID element of the Subject, which is the default location for name identifiers in the SAML specification.

enabled Boolean: Whether SAML authentication is enabled.
idp Property Map: Information from your identity provider.
masterBackendRole String: This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
masterUserName String: This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user.
rolesKey String: Element of the SAML assertion to use for backend roles. Default is roles.
sessionTimeoutMinutes Number: Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440.
subjectKey String: Custom SAML attribute to use for user names. Default is an empty string - "". This will cause Elasticsearch to use the NameID element of the Subject, which is the default location for name identifiers in the SAML specification.

DomainSamlOptionsSamlOptionsIdp

EntityId string: The unique Entity ID of the application in SAML Identity Provider.
MetadataContent string: The Metadata of the SAML application in xml format.

EntityId string: The unique Entity ID of the application in SAML Identity Provider.
MetadataContent string: The Metadata of the SAML application in xml format.

entityId String: The unique Entity ID of the application in SAML Identity Provider.
metadataContent String: The Metadata of the SAML application in xml format.

entityId string: The unique Entity ID of the application in SAML Identity Provider.
metadataContent string: The Metadata of the SAML application in xml format.

entity_id str: The unique Entity ID of the application in SAML Identity Provider.
metadata_content str: The Metadata of the SAML application in xml format.

entityId String: The unique Entity ID of the application in SAML Identity Provider.
metadataContent String: The Metadata of the SAML application in xml format.

Import

Elasticsearch domains can be imported using the domain_name, e.g.,

 $ pulumi import aws:elasticsearch/domainSamlOptions:DomainSamlOptions example domain_name

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.