AWS OpenSearch Terraform module
Upstream version 2.9.0
6 controls from NIST SP 800-171 Rev 2 requirements
Terraform Module Source
nist800171.compliance.tf/terraform-aws-modules/opensearch/awsLog group retention period should be at least 365 days
cloudwatch_log_group_retention_period_365
Framework requirement
Log group encryption at rest should be enabled
log_group_encryption_at_rest_enabled
Framework requirement
OpenSearch domains should have encryption at rest enabled
opensearch_domain_encryption_at_rest_enabled
Framework requirement
OpenSearch domains should be in a VPC
opensearch_domain_in_vpc
Framework requirement
OpenSearch domains node-to-node encryption should be enabled
opensearch_domain_node_to_node_encryption_enabled
Framework requirement
VPC Security groups should only allow unrestricted incoming traffic for authorized ports
vpc_security_group_allows_ingress_authorized_ports3.13.1
Framework requirement