OpenSearch domains should have encryption at rest enabled

opensearch
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This check ensures an OpenSearch domain has encryption-at-rest enabled. To enhance security for sensitive information, it’s important to configure your OpenSearch Service domain for encryption at rest. With this setup, AWS Key Management Service (KMS) stores and manages your encryption keys, utilizing the Advanced Encryption Standard 256-bit algorithm (AES-256) for encryption. For additional details, refer to the section on data encryption at rest for Amazon OpenSearch Service in the Amazon OpenSearch Service Developer Guide.

Remediation

For a guide on enabling encryption at rest for both new and existing OpenSearch domains, please refer to the Enabling encryption of data at rest section in the Amazon OpenSearch Service Developer Guide.

PREVIEWING: brett.blue/embedded-collector-release