opensearch-https-required
Checks whether connections to OpenSearch domains are using HTTPS. The rule is NON_COMPLIANT if the Amazon OpenSearch domain 'EnforceHTTPS' is not 'true' or is 'true' and 'TLSSecurityPolicy' is not in 'tlsPolicies
'.
Identifier: OPENSEARCH_HTTPS_REQUIRED
Resource Types: AWS::OpenSearch::Domain
Trigger type: Configuration changes
AWS Region: All supported AWS regions
Parameters:
- tlsPolicies (Optional)
- Type: CSV
-
Comma-separated list of TLS security policies to check against the Amazon OpensSearch domain.
AWS CloudFormation template
To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.