AwsOpenSearchService resources in ASFF
The following are examples of the AWS Security Finding Format (ASFF) syntax for AwsOpenSearchService
resources.
AWS Security Hub normalizes findings from various sources into ASFF. For background information about ASFF, see AWS Security Finding Format (ASFF).
AwsOpenSearchServiceDomain
The AwsOpenSearchServiceDomain
object contains information about an
Amazon OpenSearch Service domain.
The following example shows the AWS Security Finding Format (ASFF) for the
AwsOpenSearchServiceDomain
object. To view descriptions of
AwsOpenSearchServiceDomain
attributes, see AwsOpenSearchServiceDomainDetails in the
AWS Security Hub API Reference.
Example
"AwsOpenSearchServiceDomain": { "AccessPolicies": "IAM_Id", "AdvancedSecurityOptions": { "Enabled": true, "InternalUserDatabaseEnabled": true, "MasterUserOptions": { "MasterUserArn": "arn:aws:iam::123456789012:user/third-master-use", "MasterUserName": "third-master-use", "MasterUserPassword": "some-password" } }, "Arn": "arn:aws:Opensearch:us-east-1:111122223333:somedomain", "ClusterConfig": { "InstanceType": "c5.large.search", "InstanceCount": 1, "DedicatedMasterEnabled": true, "ZoneAwarenessEnabled": false, "ZoneAwarenessConfig": { "AvailabilityZoneCount": 2 }, "DedicatedMasterType": "c5.large.search", "DedicatedMasterCount": 3, "WarmEnabled": true, "WarmCount": 3, "WarmType": "ultrawarm1.large.search" }, "DomainEndpoint": "https://es-2021-06-23t17-04-qowmgghud5vofgb5e4wmi.eu-central-1.es.amazonaws.com", "DomainEndpointOptions": { "EnforceHTTPS": false, "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07", "CustomEndpointCertificateArn": "arn:aws:acm:us-east-1:111122223333:certificate/bda1bff1-79c0-49d0-abe6-50a15a7477d4", "CustomEndpointEnabled": true, "CustomEndpoint": "example.com" }, "DomainEndpoints": { "vpc": "vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com" }, "DomainName": "my-domain", "EncryptionAtRestOptions": { "Enabled": false, "KmsKeyId": "1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a" }, "EngineVersion": "7.1", "Id": "123456789012", "LogPublishingOptions": { "IndexSlowLogs": { "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/aes/domains/es-index-slow-logs", "Enabled": true }, "SearchSlowLogs": { "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/aes/domains/es-slow-logs", "Enabled": true }, "AuditLogs": { "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/aes/domains/es-slow-logs", "Enabled": true } }, "NodeToNodeEncryptionOptions": { "Enabled": true }, "ServiceSoftwareOptions": { "AutomatedUpdateDate": "2022-04-28T14:08:37.000Z", "Cancellable": false, "CurrentVersion": "R20210331", "Description": "There is no software update available for this domain.", "NewVersion": "OpenSearch_1.0", "UpdateAvailable": false, "UpdateStatus": "COMPLETED", "OptionalDeployment": false }, "VpcOptions": { "SecurityGroupIds": [ "sg-2a3a4a5a" ], "SubnetIds": [ "subnet-1a2a3a4a" ], } }