AWS Config Rule: OpenSearch Access Control Enabled
OPENSEARCH_ACCESS_CONTROL_ENABLED
Ryan Ware
Last Update 6 ay önce
Description: Checks if Amazon OpenSearch Service domains have fine-grained access control enabled. The rule is NON_COMPLIANT if AdvancedSecurityOptions is not enabled for the OpenSearch Service domain.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), China (Ningxia), Europe (Zurich) Region
How to Resolve Manually
Fine-grained access control provides numerous features to help you keep your data secure. Features include document-level security, field-level security, read-only users, and OpenSearch Dashboards/Kibana tenants. Fine-grained access control requires a master user.
To Resolve this manually, you will need to first head to your OpenSearch dashboard in the AWS Console and choose OpenSearch Domains.
We want to focus on the section called Fine-grained access control. This needs to be enabled and you will need to set an IAM User by full arn as the Master User for your OpenSearch Domain.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here
