An OpenSearch domain delete alarm triggers when an OpenSearch domain is deleted. This alarm can help prevent accidental deletion of critical OpenSearch domains.
When an OpenSearch domain is deleted, all the data and configurations associated with the domain are permanently removed. Therefore, it is important to ensure that the domain is not accidentally deleted. Here are the remediation steps to prevent OpenSearch domain deletion:
- Use AWS Identity and Access Management (IAM) to implement a policy that restricts domain deletion permissions to authorized users or roles only.
- Implement versioning for the OpenSearch domain to maintain a backup of the domain configuration and data.
- Create a backup policy to back up the OpenSearch domain data and configurations to a separate AWS S3 bucket or another location that is independent of the domain.
By implementing these steps, you can prevent accidental deletion of OpenSearch domains and ensure that the domain data and configurations are always backed up and secured.
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.
