Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

opensearch-serverless functionality to filter resources that are publicly accessible #9350

Open
areddyn opened this issue Mar 12, 2024 · 2 comments
Assignees

Comments

@areddyn
Copy link

areddyn commented Mar 12, 2024

Describe the feature

For opensearch-serverless service, I am looking for functionality to filter resources that are publicly accessible. this is currently missing.

Extra information or context

get-access-policy has the necessary attributes for this filter

https://docs.aws.amazon.com/cli/latest/reference/opensearchserverless/get-access-policy.html#get-access-policy

@PratMis PratMis self-assigned this Mar 13, 2024
@PratMis
Copy link
Collaborator

PratMis commented Mar 26, 2024

Is the goal to look at network security policy or data access policy
Afaics, the collections are encrypted by default and cannot be created without encryption. For the data to be accessible from outside the kms key would also have to be shared.
re: network security policy might make sense to look at to find out whether it is exposed to the internet or not? Would love some more clarity here. Thanks

@areddyn
Copy link
Author

areddyn commented Mar 27, 2024

When we try to create a collection from the UI

Access type
(You can configure the same or different network settings for your collection endpoint and its corresponding OpenSearch Dashboards endpoint.)

Access collections from
Public
VPC (recommended)

The goal is find out if the Access type (access collections is from Public or VPC)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants