Optional Readonlyipv4IPv4 CIDR blocks allowed to access the OpenSearch domain.
Use cases: Network-based access control; VPC CIDR allowlisting; Client IP restrictions
AWS: Security group ingress rules with IPv4 CIDR sources
Validation: Optional; array of valid IPv4 CIDR blocks (e.g., '10.0.0.0/16')
Optional ReadonlysgSecurity group IDs allowed to access the OpenSearch domain.
Use cases: Service-to-service access; Application tier connectivity; Security group chaining
AWS: Security group ingress rules with security group sources
Validation: Optional; array of valid security group IDs in the same VPC
Ingress rules for the OpenSearch domain security group. Supports both IPv4 CIDR blocks and security group references.
Use cases: IP-based access control; Security group-based service connectivity
AWS: VPC security group ingress rules for OpenSearch domain
Validation: At least one of ipv4 or sg should be specified