OpenSearch Domain Has Internal User Database Disabled

Overview

Check whether Amazon OpenSearch Service domains have activated the internal user database. The Internal User Database serves well for demonstrations; for operational environments, prefer the adoption of Federated authentication. Transition from utilizing the internal user database by eliminating its users and transitioning to the utilization of Amazon Cognito for this purpose.

Vendor

AWS

Cloud Service

OpenSearch

References

https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#:~:text=with%20OpenSearch%20Service.-,Enabling%20fine%2Dgrained%20access%20control,-Enable%20fine%2Dgrained, https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_AdvancedSecurityOptions.html

Severity

Item Types

AWS::OpenSearch::Domain

Overview​

Vendor​

Cloud Service​

References​

Severity​

Item Types​