We recommend new projects start with resources from the AWS provider.
aws-native.opensearchserverless.SecurityConfig
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
Amazon OpenSearchServerless security config resource
Example Usage
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var testSecurityConfig = new AwsNative.OpenSearchServerless.SecurityConfig("testSecurityConfig", new()
{
Name = "my-provider",
Type = AwsNative.OpenSearchServerless.SecurityConfigType.Saml,
Description = "Serverless SAML configuration",
SamlOptions = new AwsNative.OpenSearchServerless.Inputs.SecurityConfigSamlConfigOptionsArgs
{
Metadata = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
UserAttribute = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
GroupAttribute = "ALLGroups",
SessionTimeout = 120,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := opensearchserverless.NewSecurityConfig(ctx, "testSecurityConfig", &opensearchserverless.SecurityConfigArgs{
Name: pulumi.String("my-provider"),
Type: opensearchserverless.SecurityConfigTypeSaml,
Description: pulumi.String("Serverless SAML configuration"),
SamlOptions: &opensearchserverless.SecurityConfigSamlConfigOptionsArgs{
Metadata: pulumi.String("<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>"),
UserAttribute: pulumi.String("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
GroupAttribute: pulumi.String("ALLGroups"),
SessionTimeout: pulumi.Int(120),
},
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
test_security_config = aws_native.opensearchserverless.SecurityConfig("testSecurityConfig",
name="my-provider",
type=aws_native.opensearchserverless.SecurityConfigType.SAML,
description="Serverless SAML configuration",
saml_options={
"metadata": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
"user_attribute": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
"group_attribute": "ALLGroups",
"session_timeout": 120,
})
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const testSecurityConfig = new aws_native.opensearchserverless.SecurityConfig("testSecurityConfig", {
name: "my-provider",
type: aws_native.opensearchserverless.SecurityConfigType.Saml,
description: "Serverless SAML configuration",
samlOptions: {
metadata: "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
userAttribute: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
groupAttribute: "ALLGroups",
sessionTimeout: 120,
},
});
Coming soon!
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var testSecurityConfig = new AwsNative.OpenSearchServerless.SecurityConfig("testSecurityConfig", new()
{
Name = "my-provider",
Type = AwsNative.OpenSearchServerless.SecurityConfigType.Saml,
Description = "Serverless SAML configuration",
SamlOptions = new AwsNative.OpenSearchServerless.Inputs.SecurityConfigSamlConfigOptionsArgs
{
Metadata = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
UserAttribute = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
GroupAttribute = "ALLGroups",
SessionTimeout = 120,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/opensearchserverless"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := opensearchserverless.NewSecurityConfig(ctx, "testSecurityConfig", &opensearchserverless.SecurityConfigArgs{
Name: pulumi.String("my-provider"),
Type: opensearchserverless.SecurityConfigTypeSaml,
Description: pulumi.String("Serverless SAML configuration"),
SamlOptions: &opensearchserverless.SecurityConfigSamlConfigOptionsArgs{
Metadata: pulumi.String("<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>"),
UserAttribute: pulumi.String("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
GroupAttribute: pulumi.String("ALLGroups"),
SessionTimeout: pulumi.Int(120),
},
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
test_security_config = aws_native.opensearchserverless.SecurityConfig("testSecurityConfig",
name="my-provider",
type=aws_native.opensearchserverless.SecurityConfigType.SAML,
description="Serverless SAML configuration",
saml_options={
"metadata": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
"user_attribute": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
"group_attribute": "ALLGroups",
"session_timeout": 120,
})
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const testSecurityConfig = new aws_native.opensearchserverless.SecurityConfig("testSecurityConfig", {
name: "my-provider",
type: aws_native.opensearchserverless.SecurityConfigType.Saml,
description: "Serverless SAML configuration",
samlOptions: {
metadata: "<?xml version=\"1.0\" encoding=\"UTF-8\"?><md:EntityDescriptor entityID=\"http://www.okta.com/foobar\" xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>Mfoobar</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://trial-1234567.okta.com/app/trial-1234567_saml2_1/foobar/sso/saml\"/></md:IDPSSODescriptor></md:EntityDescriptor>",
userAttribute: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
groupAttribute: "ALLGroups",
sessionTimeout: 120,
},
});
Coming soon!
Create SecurityConfig Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecurityConfig(name: string, args?: SecurityConfigArgs, opts?: CustomResourceOptions);
@overload
def SecurityConfig(resource_name: str,
args: Optional[SecurityConfigArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def SecurityConfig(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
name: Optional[str] = None,
saml_options: Optional[SecurityConfigSamlConfigOptionsArgs] = None,
type: Optional[SecurityConfigType] = None)
func NewSecurityConfig(ctx *Context, name string, args *SecurityConfigArgs, opts ...ResourceOption) (*SecurityConfig, error)
public SecurityConfig(string name, SecurityConfigArgs? args = null, CustomResourceOptions? opts = null)
public SecurityConfig(String name, SecurityConfigArgs args)
public SecurityConfig(String name, SecurityConfigArgs args, CustomResourceOptions options)
type: aws-native:opensearchserverless:SecurityConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecurityConfigArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
SecurityConfig Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecurityConfig resource accepts the following input properties:
- Description string
- Security config description
- Name string
- The friendly name of the security config
- Saml
Options Pulumi.Aws Native. Open Search Serverless. Inputs. Security Config Saml Config Options - SAML options for the security configuration in the form of a key-value map.
- Type
Pulumi.
Aws Native. Open Search Serverless. Security Config Type - The type of security configuration. Currently the only option is
saml
.
- Description string
- Security config description
- Name string
- The friendly name of the security config
- Saml
Options SecurityConfig Saml Config Options Args - SAML options for the security configuration in the form of a key-value map.
- Type
Security
Config Type - The type of security configuration. Currently the only option is
saml
.
- description String
- Security config description
- name String
- The friendly name of the security config
- saml
Options SecurityConfig Saml Config Options - SAML options for the security configuration in the form of a key-value map.
- type
Security
Config Type - The type of security configuration. Currently the only option is
saml
.
- description string
- Security config description
- name string
- The friendly name of the security config
- saml
Options SecurityConfig Saml Config Options - SAML options for the security configuration in the form of a key-value map.
- type
Security
Config Type - The type of security configuration. Currently the only option is
saml
.
- description str
- Security config description
- name str
- The friendly name of the security config
- saml_
options SecurityConfig Saml Config Options Args - SAML options for the security configuration in the form of a key-value map.
- type
Security
Config Type - The type of security configuration. Currently the only option is
saml
.
- description String
- Security config description
- name String
- The friendly name of the security config
- saml
Options Property Map - SAML options for the security configuration in the form of a key-value map.
- type "saml"
- The type of security configuration. Currently the only option is
saml
.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecurityConfig resource produces the following output properties:
Supporting Types
SecurityConfigSamlConfigOptions, SecurityConfigSamlConfigOptionsArgs
- Metadata string
- The XML saml provider metadata document that you want to use
- Group
Attribute string - Group attribute for this saml integration
- Session
Timeout int - Defines the session timeout in minutes
- User
Attribute string - Custom attribute for this saml integration
- Metadata string
- The XML saml provider metadata document that you want to use
- Group
Attribute string - Group attribute for this saml integration
- Session
Timeout int - Defines the session timeout in minutes
- User
Attribute string - Custom attribute for this saml integration
- metadata String
- The XML saml provider metadata document that you want to use
- group
Attribute String - Group attribute for this saml integration
- session
Timeout Integer - Defines the session timeout in minutes
- user
Attribute String - Custom attribute for this saml integration
- metadata string
- The XML saml provider metadata document that you want to use
- group
Attribute string - Group attribute for this saml integration
- session
Timeout number - Defines the session timeout in minutes
- user
Attribute string - Custom attribute for this saml integration
- metadata str
- The XML saml provider metadata document that you want to use
- group_
attribute str - Group attribute for this saml integration
- session_
timeout int - Defines the session timeout in minutes
- user_
attribute str - Custom attribute for this saml integration
- metadata String
- The XML saml provider metadata document that you want to use
- group
Attribute String - Group attribute for this saml integration
- session
Timeout Number - Defines the session timeout in minutes
- user
Attribute String - Custom attribute for this saml integration
SecurityConfigType, SecurityConfigTypeArgs
- Saml
- saml
- Security
Config Type Saml - saml
- Saml
- saml
- Saml
- saml
- SAML
- saml
- "saml"
- saml
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.