Amazon OpenSearch Service now supports enabling SAML during domain creation

Posted On: Feb 1, 2023

Amazon OpenSearch Service now supports enabling Security Assertion Markup Language (SAML) authentication for OpenSearch Dashboards during domain creation. SAML authentication for OpenSearch Dashboards enables users to integrate directly with identity providers (IDPs) such as Okta, Ping Identity, OneLogin, Auth0, Active Directory Federation Services (ADFS) and Azure Active Directory.

Previously this authentication method could be configured only after domain creation. Now, this feature can be enabled at domain creation using AWS Console/SDK or using AWS CloudFormation templates, giving you the ability to enable programmatically in fewer steps. With this feature, users can leverage their existing usernames and passwords to log in to OpenSearch Dashboards, and roles from your IDP can be used for controlling privileges, including what operations they can perform and what data they can search and visualize.

SAML authentication for OpenSearch Dashboards is available on any Amazon OpenSearch Service domain with fine-grained access control enabled. To learn more, please see the documentation.

This feature can be enabled on Amazon OpenSearch Service domains with Elasticsearch version 6.7 or higher and OpenSearch version 1.0 or higher across 31 regions globally: US East (N. Virginia), US East (Ohio), US West (Oregon), US West (N. California), AWS GovCloud (US-East), AWS GovCloud (US-West), Canada (Central), South America (Sao Paulo), Africa (Cape Town), Middle East (Bahrain), Middle East (UAE), Europe (Ireland), Europe (London), Europe (Frankfurt), Europe (Paris), Europe (Stockholm), Europe (Milan), Europe (Zurich), Europe (Spain), Asia Pacific (Jakarta), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Osaka), Asia Pacific (Seoul), Asia Pacific (Mumbai), Asia Pacific (Hong Kong), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), and China (Beijing – operated by Sinnet, Ningxia – operated by NWCD). Please refer to the AWS Region Table for more information about Amazon OpenSearch Service availability.