OpenSearch domains should encrypt data sent between nodes

opensearch
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This check determines if node-to-node encryption is activated for OpenSearch domains. Using HTTPS (TLS) can help prevent potential attackers from intercepting or altering network traffic through man-in-the-middle or similar attacks. Only secure connections via HTTPS (TLS) should be permitted. Activating node-to-node encryption for OpenSearch domains ensures that intra-cluster communications are securely encrypted while in transit.

Enabling this feature may come with a performance impact. It’s critical to understand and evaluate the performance implications before enabling this option.

Remediation

To activate node-to-node encryption for an OpenSearch domain, refer to Enabling node-to-node encryption in the Amazon OpenSearch Service Developer Guide.

PREVIEWING: brett.blue/embedded-collector-release