OpenSearch domain connections should be encrypted using the latest TLS security policy

opensearch
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This control checks whether an Amazon OpenSearch Service domain endpoint is configured to use the latest TLS security policy, Policy-Min-TLS-1-2-PFS-2023-10. The control fails if the endpoint is not using this policy or if HTTPS is not enabled. Enforcing the latest version of TLS 1.2 helps secure data in transit by preventing eavesdropping and manipulation through man-in-the-middle attacks.

Remediation

To configure your Amazon OpenSearch Service domain endpoint to use the latest TLS security policy, refer to the Requiring HTTPS for Amazon OpenSearch Service Domains section of the Amazon OpenSearch Service Developer Guide.