Create FIPS-compliant VPC endpoints for OpenSearch Serverless
When you create a VPC endpoint for OpenSearch Serverless, you can configure it to use FIPS-compliant cryptographic algorithms. This section describes how to create and configure FIPS-compliant VPC endpoints for OpenSearch Serverless.
Prerequisites
Before you begin, make sure that you have an AWS account with appropriate permissions to create Amazon VPC endpoints, an Amazon VPC where you want to create the endpoint, subnets within the Amazon VPC where the endpoint will be available, and security groups that allow traffic to and from the endpoint.
Create a FIPS-compliant VPC endpoint for OpenSearch Serverless
To create a FIPS-compliant VPC endpoint
- Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
- In the navigation pane, choose Endpoints.
- Choose Create endpoint.
- For Service category, choose AWS services.
- In the Service Name search box, enter opensearchserverless and select the FIPS endpoint option with the following format: com.amazonaws.region.aoss-fips. For example: com.amazonaws.us-east-1.aoss-fips
- Choose the Amazon VPC where you want to create the endpoint.
- Select the subnets where you want to create endpoint network interfaces.
- For Security groups, select the security groups to associate with the endpoint network interfaces.
- For Policy, you can choose Full access to allow all operations by all principals on all resources through this endpoint, or choose Custom to attach a custom endpoint policy that restricts access.
- Choose Create endpoint.
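The same procedure from the AWS CLI, as an added example that is not part of the original documentation. It also reads the new endpoint back to confirm that it is bound to the FIPS service name. The function names are hypothetical; the region, VPC, subnet and security group IDs and the custom policy file are assumed to be supplied by the caller.

```sh
#!/bin/sh
# Added example: CLI equivalent of the console procedure, plus a post-create check.
# The AWS CLI and credentials are needed only when create_fips_endpoint is called.

# Service name in the page's format: com.amazonaws.<region>.aoss-fips
fips_service_name() {
  # Accept only region-shaped input (us-east-1, us-gov-west-1) so nothing else
  # can end up inside the service name.
  case "$1" in
    *[!a-z0-9-]*|"") echo "invalid region: $1" >&2; return 1 ;;
  esac
  printf '%s' "$1" | grep -Eq '^[a-z]{2}(-[a-z]+)+-[0-9]+$' || {
    echo "invalid region: $1" >&2; return 1; }
  printf 'com.amazonaws.%s.aoss-fips\n' "$1"
}

# True only when an endpoint's ServiceName is the FIPS one for that region.
is_fips_service() {  # args: service_name region
  [ "$1" = "$(fips_service_name "$2")" ]
}

# Create the interface endpoint with a custom policy and verify it.
# args: region vpc_id "subnet ids" "security group ids" policy_file
create_fips_endpoint() {
  svc=$(fips_service_name "$1") || return 1
  # $3 and $4 are left unquoted on purpose so each ID becomes its own argument.
  id=$(aws ec2 create-vpc-endpoint --region "$1" \
        --vpc-endpoint-type Interface \
        --vpc-id "$2" --service-name "$svc" \
        --subnet-ids $3 --security-group-ids $4 \
        --policy-document "file://$5" \
        --query 'VpcEndpoint.VpcEndpointId' --output text) || return 1
  # Read the endpoint back and confirm it is bound to the FIPS service.
  got=$(aws ec2 describe-vpc-endpoints --region "$1" --vpc-endpoint-ids "$id" \
        --query 'VpcEndpoints[0].ServiceName' --output text) || return 1
  is_fips_service "$got" "$1" || { echo "$id is not FIPS: $got" >&2; return 1; }
  echo "$id"
}
```

The `is_fips_service` check can also be run over the `ServiceName` of existing endpoints to find any that were created without the `-fips` suffix.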