opensearch-https-required - AWS Config

opensearch-https-required

Checks whether connections to OpenSearch domains are using HTTPS. The rule is NON_COMPLIANT if the Amazon OpenSearch domain 'EnforceHTTPS' is not 'true' or is 'true' and 'TLSSecurityPolicy' is not in 'tlsPolicies'.

Identifier: OPENSEARCH_HTTPS_REQUIRED

Resource Types: AWS::OpenSearch::Domain

Trigger type: Configuration changes

AWS Region: All supported AWS regions

Parameters:

tlsPolicies (Optional)
Type: CSV

Comma-separated list of TLS security policies to check against the Amazon OpensSearch domain.

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.