About encryption at rest of a OpenSearch domain

Dengke · August 1, 2022, 5:17pm

I have a general question regarding the domain encryption. Currently, I know that it is an option to turn on the data encryption at rest and provide a KMS key ID when creating a OpenSearch domain.

Now I am dealing with a scenario which pushes me to explore using different KMS key IDs for different datasets (which will be indexed separately) in same domain. Does anyone know whether it is something in OpenSearch roadmap already or we don’t expect the support for that in near future.

nateynate · August 1, 2022, 9:56pm

Hi @Dengke - thanks for bringing your question here.

If you’re referring to the managed service, I don’t think there’s a roadmap that is publicly available.

However, OpenSearch the community-driven, Apache 2.0-licensed open source search and analytics suite has a roadmap that anyone can view and ask questions about available here:

I’ll see if I can find someone who can help you regardless.

Nate

Topic		Replies	Views
Ooensearch encryption/tokenization of data at rest Security feature-request	4	755	July 5, 2022
Encryption at Rest? Security feature-request	3	2416	February 23, 2022
What is the encryption at rest? Security discuss	3	443	February 16, 2023
Node level routing OpenDistro	1	268	February 7, 2023
Encrypted Repository Plugin for OpenSearch OpenDistro releases	1	526	February 7, 2023

About encryption at rest of a OpenSearch domain

Related topics