OpenSearch domain connections should be encrypted using the latest TLS security policy

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

This control checks whether an Amazon OpenSearch Service domain endpoint is configured to use the latest TLS security policy, Policy-Min-TLS-1-2-PFS-2023-10. The control fails if the endpoint is not using this policy or if HTTPS is not enabled. Enforcing the latest version of TLS 1.2 helps secure data in transit by preventing eavesdropping and manipulation through man-in-the-middle attacks.

Remediation

To configure your Amazon OpenSearch Service domain endpoint to use the latest TLS security policy, refer to the Requiring HTTPS for Amazon OpenSearch Service Domains section of the Amazon OpenSearch Service Developer Guide.

PREVIEWING: rtrieu/product-analytics-ui-changes