MDAA TS Docs
    Preparing search index...

    Interface OpensearchDomainProps

    interface OpensearchDomainProps {
        accessPolicies: PolicyStatementProps[];
        automatedSnapshotStartHour: number;
        capacity: CapacityConfig;
        customEndpoint?: CustomEndpointConfig;
        dataAdminRole: MdaaRoleRef;
        ebs: EbsOptions;
        enableVersionUpgrade: boolean;
        eventNotifications?: EventNotificationsProps;
        opensearchDomainName: string;
        opensearchEngineVersion: string;
        samlAuthentication?: SamlAuthenticationConfig;
        securityGroupIngress: SecurityGroupIngressProps;
        subnets: SubnetConfig[];
        vpcId: string;
        zoneAwareness?: ZoneAwarenessConfig;
    }
    Index

    Properties

    accessPolicies automatedSnapshotStartHour capacity customEndpoint? dataAdminRole ebs enableVersionUpgrade eventNotifications? opensearchDomainName opensearchEngineVersion samlAuthentication? securityGroupIngress subnets vpcId zoneAwareness?

    Properties

    accessPolicies: PolicyStatementProps[]

    IAM policy statements defining domain access control. Note: IP-based policies cannot be applied to VPC-bound domains.

    Use cases: Fine-grained access control; Resource-based permissions; Domain security

    AWS: OpenSearch domain access policies

    Validation: Required; array of valid PolicyStatementProps

    automatedSnapshotStartHour: number

    Hour of day (0-23 UTC) when automated snapshot creation begins.

    Use cases: Backup scheduling; Data protection; Recovery point management

    AWS: OpenSearch automated snapshot configuration

    Validation: Required; integer 0-23

    capacity: CapacityConfig

    Cluster capacity configuration defining master nodes, data nodes, and warm nodes.

    Use cases: Performance sizing; Cost management; Workload-specific capacity

    AWS: OpenSearch cluster node types and counts

    Validation: Required; valid CapacityConfig

    customEndpoint?: CustomEndpointConfig

    Custom endpoint configuration for branded domain access with SSL and optional Route53 DNS.

    Use cases: Branded domain access; Custom SSL certificates; Automated DNS management

    AWS: OpenSearch custom endpoint with ACM and Route53

    Validation: Optional; valid CustomEndpointConfig

    dataAdminRole: MdaaRoleRef

    IAM role granted admin access to OpenSearch Dashboard for SAML configuration and domain management.

    Use cases: Domain administration; Dashboard SAML setup; Security configuration

    AWS: IAM role with OpenSearch admin permissions

    Validation: Required; valid MdaaRoleRef

    ebs: EbsOptions

    EBS storage configuration for cluster data nodes (volume type, size, IOPS).

    Use cases: Storage sizing; I/O performance tuning; Data retention capacity

    AWS: EBS volumes attached to OpenSearch data nodes

    Validation: Required; valid EbsOptions

    enableVersionUpgrade: boolean

    Allow automatic OpenSearch engine version upgrades for security patches and features.

    Use cases: Automated maintenance; Security patching; Version management

    AWS: OpenSearch automatic version upgrade setting

    Validation: Required; boolean

    eventNotifications?: EventNotificationsProps

    Event notification configuration for domain monitoring via SNS email subscriptions.

    Use cases: Operational alerting; Domain health monitoring; Event tracking

    AWS: SNS topic with email subscriptions for OpenSearch domain events

    Validation: Optional; valid EventNotificationsProps

    opensearchDomainName: string

    Functional name for the OpenSearch domain. Processed through MDAA naming conventions; if the resulting name exceeds 28 characters, a random ID suffix is appended to a truncated name.

    Use cases: Domain identification; MDAA naming convention compliance

    AWS: OpenSearch domain name

    Validation: Required; string

    opensearchEngineVersion: string

    OpenSearch engine version in x.y format (e.g., '2.3').

    Use cases: Version-specific features; Compatibility control; Engine selection

    AWS: OpenSearch engine version

    Validation: Required; supported OpenSearch version string

    samlAuthentication?: SamlAuthenticationConfig

    SAML authentication configuration for SSO integration with corporate identity providers (e.g., Okta, Azure AD, AWS IAM Identity Center).

    Use cases: Single Sign-On; Corporate identity integration; Centralized authentication

    AWS: OpenSearch SAML authentication for Dashboard SSO

    Validation: Optional; valid SamlAuthenticationConfig with idpEntityId and idpMetadataXml

    securityGroupIngress: SecurityGroupIngressProps

    Security group ingress rules controlling network access to the domain. All egress is permitted by default; no ingress is permitted by default.

    Use cases: Network access control; IP and security group-based restrictions

    AWS: VPC security group for OpenSearch domain

    Validation: Required; valid SecurityGroupIngressProps

    subnets: SubnetConfig[]

    Subnet configurations for domain node placement. Number of subnets must match or exceed the zoneAwareness availabilityZoneCount.

    Use cases: Multi-AZ deployment; High availability; Fault tolerance

    AWS: VPC subnets for OpenSearch domain nodes

    Validation: Required; array of SubnetConfig with matching AZs

    vpcId: string

    VPC ID for OpenSearch domain deployment. The domain is VPC-bound without public addresses.

    Use cases: Network isolation; Private domain deployment; VPC security

    AWS: VPC for OpenSearch domain network configuration

    Validation: Required; valid VPC ID

    zoneAwareness?: ZoneAwarenessConfig

    Zone awareness configuration for shard distribution across 2 or 3 availability zones.

    Use cases: Multi-AZ fault tolerance; Shard distribution; High availability

    AWS: OpenSearch zone awareness for cross-AZ shard replication

    Validation: Optional; valid ZoneAwarenessConfig

    Settings

    Member Visibility

    On This Page

    Properties