Skip to main content

lacework-global-123

OpenSearch Domain should be in Virtual Private Cloud (VPC)

Description

OpenSearch should be placed in a VPC. This will enable more security to OpenSearch Domain with the help of subnets and security-groups. There is currently no way that to switch from Public Access to VPC Access.

Remediation

  1. Log in to the AWS Management Console.

  2. Click Services.

  3. Select OpenSearch.

  4. Click Create Domain.

  5. In the Network section, select VPC access, choose a VPC, Subnets, and Security groups.

  6. In a separate tab, follow steps 1-3.

  7. Select the OpenSearch domain that is shown as violated.

  8. Apply the settings from the violated OpenSearch domain to the newly created domain.

  9. Once completed, click delete to remove the violated OpenSearch domain.

  10. Repeat steps 1-9 for each violated OpenSearch domain.