AWS Config Rule: OpenSearch Audit Logging Enabled
OPENSEARCH_AUDIT_LOGGING_ENABLED
Eduardo Van Cauteren
Last Update 6 months ago
Description: Checks if Amazon OpenSearch Service domains have audit logging enabled. The rule is NON_COMPLIANT if an OpenSearch Service domain does not have audit logging enabled.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), China (Ningxia), Europe (Zurich) Region
How to Resolve Manually
This Config Rule is marked as non-compliant if any of your OpenSearch domains has audit logs disabled. To resolve this manually, first open the Amazon OpenSearch Service in your AWS Console. Make sure to select the region where your OpenSearch domain is located.
Once there, choose the resource you want to enable the logs for and then enable Audit logs from the Logs tab. You can use the following screenshot as reference:
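The check this rule describes, together with the API equivalent of the console change, as an added example that is not StackZone's or AWS's own code. It assumes domain data shaped like the `DomainStatus` object returned by the OpenSearch `DescribeDomain` API; the sample domains and the log group ARN are constructed placeholders, and the fine-grained access control check reflects the AWS prerequisite for audit logs.

```python
# Added example: offline evaluation of OpenSearch audit logging.
# PLACEHOLDER_ARN and DOMAINS are constructed sample values.
PLACEHOLDER_ARN = "arn:aws:logs:us-east-1:111122223333:log-group:/example/audit"

DOMAINS = [
    {"DomainName": "logs-prod", "AdvancedSecurityOptions": {"Enabled": True},
     "LogPublishingOptions": {"AUDIT_LOGS": {
         "CloudWatchLogsLogGroupArn": PLACEHOLDER_ARN, "Enabled": True}}},
    # Slow logs are on, but that does not satisfy the audit logging rule.
    {"DomainName": "search-dev", "AdvancedSecurityOptions": {"Enabled": True},
     "LogPublishingOptions": {"SEARCH_SLOW_LOGS": {
         "CloudWatchLogsLogGroupArn": PLACEHOLDER_ARN, "Enabled": True}}},
    # No log publishing at all, and fine-grained access control is off.
    {"DomainName": "legacy", "AdvancedSecurityOptions": {"Enabled": False}},
]


def evaluate_audit_logging(domain_status):
    """Return (compliance, reason) following the rule's description:
    NON_COMPLIANT unless the AUDIT_LOGS log type is enabled."""
    name = domain_status.get("DomainName", "<unknown>")
    options = domain_status.get("LogPublishingOptions") or {}
    audit = options.get("AUDIT_LOGS") or {}
    if audit.get("Enabled") is True:
        return "COMPLIANT", f"{name}: audit logs enabled"
    return "NON_COMPLIANT", f"{name}: audit logs not enabled"


def remediation_params(domain_status, log_group_arn):
    """Build the keyword arguments for UpdateDomainConfig that turn on
    audit logs, refusing when the prerequisite is not met."""
    security = domain_status.get("AdvancedSecurityOptions") or {}
    if not security.get("Enabled"):
        # Audit logs depend on fine-grained access control being enabled.
        raise ValueError("enable fine-grained access control first")
    return {
        "DomainName": domain_status["DomainName"],
        "LogPublishingOptions": {"AUDIT_LOGS": {
            "CloudWatchLogsLogGroupArn": log_group_arn, "Enabled": True}},
    }


if __name__ == "__main__":
    for domain in DOMAINS:
        print(*evaluate_audit_logging(domain), sep="  ")
```

The dictionary returned by `remediation_params` can be passed to `boto3.client("opensearch").update_domain_config(**params)` in the domain's region.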