Skip to main content

lacework-global-124

OpenSearch Domain should have Encryption At Rest enabled

Description

OpenSearch Domain can contain important data that should not be accessible to unauthorized users. Encrypting the data can provide an extra level of security to the data in OpenSearch domain.

Remediation

  1. Log in to the AWS Management Console.

  2. Click Services.

  3. Select OpenSearch.

  4. Select the violating OpenSearch domain.

  5. Select the Security configuration tab.

  6. Click Edit.

  7. Under Encryption, select Enable encryption of data at rest.

  8. Choose an AWS Key Management Service (KMS) key.

  9. Click Save changes.

Last updated on