lacework-global-124
OpenSearch Domain should have Encryption At Rest enabled
Description
OpenSearch Domain can contain important data that should not be accessible to unauthorized users. Encrypting the data can provide an extra level of security to the data in OpenSearch domain.
Remediation
Log in to the AWS Management Console.
Click Services.
Select OpenSearch.
Select the OpenSearch domain that is shown as violated.
Select the Security configuration tab.
Click Edit.
Under Encryption, select Enable encryption of data at rest.
Choose an AWS KMS key.
Click Save changes.