OpenSearch domains should have fine-grained access control enabled

opensearch
This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

This control checks whether Amazon OpenSearch Service domains have fine-grained access control (FGAC) enabled. Fine-grained access control provides granular permissions management, including index-level, document-level, and field-level security. The control fails if FGAC is not enabled, as it is required through the advanced-security-options in the OpenSearch parameter update-domain-config. Enabling FGAC enhances data security by offering additional methods to control access to your data on Amazon OpenSearch Service.

Remediation

To enable fine-grained access control for an Amazon OpenSearch Service domain, refer to the Fine-Grained Access Control in Amazon OpenSearch Service section of the Amazon OpenSearch Service Developer Guide.

PREVIEWING: mcretzman/DOCS-9337-add-cloud-info-byoti