OpenSearchServiceServerless / Client / create_security_config

create_security_config

OpenSearchServiceServerless.Client.create_security_config(**kwargs)

Specifies a security configuration for OpenSearch Serverless. For more information, see SAML authentication for Amazon OpenSearch Serverless.

See also: AWS API Documentation

Request Syntax

response = client.create_security_config(
    clientToken='string',
    description='string',
    iamIdentityCenterOptions={
        'groupAttribute': 'GroupId'|'GroupName',
        'instanceArn': 'string',
        'userAttribute': 'UserId'|'UserName'|'Email'
    },
    name='string',
    samlOptions={
        'groupAttribute': 'string',
        'metadata': 'string',
        'sessionTimeout': 123,
        'userAttribute': 'string'
    },
    type='saml'|'iamidentitycenter'
)

Parameters:

• clientToken (string) –

  Unique, case-sensitive identifier to ensure idempotency of the request.

  This field is autopopulated if not provided.

• description (string) – A description of the security configuration.

• iamIdentityCenterOptions (dict) –

  Describes IAM Identity Center options in the form of a key-value map. This field is required if you specify iamidentitycenter for the type parameter.

  • groupAttribute (string) –

    The group attribute for this IAM Identity Center integration. Defaults to GroupId.

  • instanceArn (string) – [REQUIRED]

    The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.

  • userAttribute (string) –

    The user attribute for this IAM Identity Center integration. Defaults to UserId.

• name (string) –

  [REQUIRED]

  The name of the security configuration.

• samlOptions (dict) –

  Describes SAML options in in the form of a key-value map. This field is required if you specify saml for the type parameter.

  • groupAttribute (string) –

    The group attribute for this SAML integration.

  • metadata (string) – [REQUIRED]

    The XML IdP metadata file generated from your identity provider.

  • sessionTimeout (integer) –

    The session timeout, in minutes. Default is 60 minutes (12 hours).

  • userAttribute (string) –

    A user attribute for this SAML integration.

• type (string) –

  [REQUIRED]

  The type of security configuration.

Return type:

dict

Returns:

Response Syntax

{
    'securityConfigDetail': {
        'configVersion': 'string',
        'createdDate': 123,
        'description': 'string',
        'iamIdentityCenterOptions': {
            'applicationArn': 'string',
            'applicationDescription': 'string',
            'applicationName': 'string',
            'groupAttribute': 'GroupId'|'GroupName',
            'instanceArn': 'string',
            'userAttribute': 'UserId'|'UserName'|'Email'
        },
        'id': 'string',
        'lastModifiedDate': 123,
        'samlOptions': {
            'groupAttribute': 'string',
            'metadata': 'string',
            'sessionTimeout': 123,
            'userAttribute': 'string'
        },
        'type': 'saml'|'iamidentitycenter'
    }
}

Response Structure

• (dict) –

  • securityConfigDetail (dict) –

    Details about the created security configuration.

    • configVersion (string) –

      The version of the security configuration.

    • createdDate (integer) –

      The date the configuration was created.

    • description (string) –

      The description of the security configuration.

    • iamIdentityCenterOptions (dict) –

      Describes IAM Identity Center options in the form of a key-value map.

      • applicationArn (string) –

        The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless.

      • applicationDescription (string) –

        The description of the IAM Identity Center application used to integrate with OpenSearch Serverless.

      • applicationName (string) –

        The name of the IAM Identity Center application used to integrate with OpenSearch Serverless.

      • groupAttribute (string) –

        The group attribute for this IAM Identity Center integration. Defaults to GroupId.

      • instanceArn (string) –

        The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.

      • userAttribute (string) –

        The user attribute for this IAM Identity Center integration. Defaults to UserId

    • id (string) –

      The unique identifier of the security configuration.

    • lastModifiedDate (integer) –

      The timestamp of when the configuration was last modified.

    • samlOptions (dict) –

      SAML options for the security configuration in the form of a key-value map.

      • groupAttribute (string) –

        The group attribute for this SAML integration.

      • metadata (string) –

        The XML IdP metadata file generated from your identity provider.

      • sessionTimeout (integer) –

        The session timeout, in minutes. Default is 60 minutes (12 hours).

      • userAttribute (string) –

        A user attribute for this SAML integration.

    • type (string) –

      The type of security configuration.

Exceptions

• OpenSearchServiceServerless.Client.exceptions.InternalServerException

• OpenSearchServiceServerless.Client.exceptions.ConflictException

• OpenSearchServiceServerless.Client.exceptions.ValidationException

• OpenSearchServiceServerless.Client.exceptions.ServiceQuotaExceededException