OpenSearchServiceServerless / Client / update_security_config
update_security_config¶
- OpenSearchServiceServerless.Client.update_security_config(**kwargs)¶
Updates a security configuration for OpenSearch Serverless. For more information, see SAML authentication for Amazon OpenSearch Serverless.
See also: AWS API Documentation
Request Syntax
response = client.update_security_config( id='string', configVersion='string', description='string', samlOptions={ 'metadata': 'string', 'userAttribute': 'string', 'groupAttribute': 'string', 'openSearchServerlessEntityId': 'string', 'sessionTimeout': 123 }, iamIdentityCenterOptionsUpdates={ 'userAttribute': 'UserId'|'UserName'|'Email', 'groupAttribute': 'GroupId'|'GroupName' }, iamFederationOptions={ 'groupAttribute': 'string', 'userAttribute': 'string' }, clientToken='string' )
- Parameters:
id (string) –
[REQUIRED]
The security configuration identifier. For SAML the ID will be
saml/<accountId>/<idpProviderName>. For example,saml/123456789123/OKTADev.configVersion (string) –
[REQUIRED]
The version of the security configuration to be updated. You can find the most recent version of a security configuration using the
GetSecurityPolicycommand.description (string) – A description of the security configuration.
samlOptions (dict) –
SAML options in in the form of a key-value map.
metadata (string) – [REQUIRED]
The XML IdP metadata file generated from your identity provider.
userAttribute (string) –
A user attribute for this SAML integration.
groupAttribute (string) –
The group attribute for this SAML integration.
openSearchServerlessEntityId (string) –
Custom entity ID attribute to override the default entity ID for this SAML integration.
sessionTimeout (integer) –
The session timeout, in minutes. Default is 60 minutes (12 hours).
iamIdentityCenterOptionsUpdates (dict) –
Describes IAM Identity Center options in the form of a key-value map.
userAttribute (string) –
The user attribute for this IAM Identity Center integration. Defaults to
UserId.groupAttribute (string) –
The group attribute for this IAM Identity Center integration. Defaults to
GroupId.
iamFederationOptions (dict) –
Describes IAM federation options in the form of a key-value map for updating an existing security configuration. Use this field to modify IAM federation settings for the security configuration.
groupAttribute (string) –
The group attribute for this IAM federation integration. This attribute is used to map identity provider groups to OpenSearch Serverless permissions.
userAttribute (string) –
The user attribute for this IAM federation integration. This attribute is used to identify users in the federated authentication process.
clientToken (string) –
Unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
- Return type:
dict
- Returns:
Response Syntax
{ 'securityConfigDetail': { 'id': 'string', 'type': 'saml'|'iamidentitycenter'|'iamfederation', 'configVersion': 'string', 'description': 'string', 'samlOptions': { 'metadata': 'string', 'userAttribute': 'string', 'groupAttribute': 'string', 'openSearchServerlessEntityId': 'string', 'sessionTimeout': 123 }, 'iamIdentityCenterOptions': { 'instanceArn': 'string', 'applicationArn': 'string', 'applicationName': 'string', 'applicationDescription': 'string', 'userAttribute': 'UserId'|'UserName'|'Email', 'groupAttribute': 'GroupId'|'GroupName' }, 'iamFederationOptions': { 'groupAttribute': 'string', 'userAttribute': 'string' }, 'createdDate': 123, 'lastModifiedDate': 123 } }
Response Structure
(dict) –
securityConfigDetail (dict) –
Details about the updated security configuration.
id (string) –
The unique identifier of the security configuration.
type (string) –
The type of security configuration.
configVersion (string) –
The version of the security configuration.
description (string) –
The description of the security configuration.
samlOptions (dict) –
SAML options for the security configuration in the form of a key-value map.
metadata (string) –
The XML IdP metadata file generated from your identity provider.
userAttribute (string) –
A user attribute for this SAML integration.
groupAttribute (string) –
The group attribute for this SAML integration.
openSearchServerlessEntityId (string) –
Custom entity ID attribute to override the default entity ID for this SAML integration.
sessionTimeout (integer) –
The session timeout, in minutes. Default is 60 minutes (12 hours).
iamIdentityCenterOptions (dict) –
Describes IAM Identity Center options in the form of a key-value map.
instanceArn (string) –
The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless.
applicationArn (string) –
The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless.
applicationName (string) –
The name of the IAM Identity Center application used to integrate with OpenSearch Serverless.
applicationDescription (string) –
The description of the IAM Identity Center application used to integrate with OpenSearch Serverless.
userAttribute (string) –
The user attribute for this IAM Identity Center integration. Defaults to
UserIdgroupAttribute (string) –
The group attribute for this IAM Identity Center integration. Defaults to
GroupId.
iamFederationOptions (dict) –
Describes IAM federation options in the form of a key-value map. Contains configuration details about how OpenSearch Serverless integrates with external identity providers through federation.
groupAttribute (string) –
The group attribute for this IAM federation integration. This attribute is used to map identity provider groups to OpenSearch Serverless permissions.
userAttribute (string) –
The user attribute for this IAM federation integration. This attribute is used to identify users in the federated authentication process.
createdDate (integer) –
The date the configuration was created.
lastModifiedDate (integer) –
The timestamp of when the configuration was last modified.
Exceptions