VPC Security Controls
EC2 Security Controls
IAM Security Controls
S3 Security Controls
RDS Security Controls
OpenSearch/Elasticsearch Security Controls
EFS Security Controls
Route53 Security Controls
DynamoDB Security Controls
ECR Security Controls
EMR Security
Lambda Security
CloudFormation Security
CodeX Security Controls
CloudFront Security
AWS Certificate Manager (ACM) Security
Logging & Monitoring Configurations
Backups & DR
Billing and Cost ManagementA collection of AWS Security controls for Amazon OpenSearch (Formerly Amazon Elasticsearch). Controls include templates to provision Amazon OpenSearch domains, CloudWatch events and alarms for monitoring as well as Config rules. Configuration templates are available in AWS CloudFormation, AWS CLI and Terraform
Configuration template to provision an OpenSearch Domain (formerly Amazon Elasticsearch Domain), with settings such as VPC access, number of master and data nodes, encryption (at-rest and node-to-node), logging settings, and more.
A config rule that checks whether Amazon Elasticsearch Service (Amazon ES) domains have encryption at rest configuration enabled
A config rule that checks whether whether the ElasticSearch Domains are in VPC and not as a public endpoint
A Config rule that checks that Amazon ElasticSearch Service nodes are encrypted end to end. The rule is NON_COMPLIANT if the node-to-node encryption is disabled on the domain.
