AWS Security ChangesHomeSearch

AWS opensearch-service documentation change

Service: opensearch-service · 2026-01-25 · Documentation low

File: opensearch-service/latest/developerguide/application-getting-started.md

Summary

Added new step for configuring encryption with customer managed keys (CMK)

Security assessment

Documents new encryption capability using customer-managed keys. Enhances security documentation but doesn't address a specific vulnerability.

Diff

diff --git a/opensearch-service/latest/developerguide/application-getting-started.md b/opensearch-service/latest/developerguide/application-getting-started.md
index fe95bf915..a8ad8a988 100644
--- a//opensearch-service/latest/developerguide/application-getting-started.md
+++ b//opensearch-service/latest/developerguide/application-getting-started.md
@@ -207 +207,3 @@ To grant administrator permissions to other users, choose one of the following:
-  7. (Optional) In the **Tags** area, apply one or more tag key name/value pairs to the application.
+  7. (Optional) Configure encryption settings. By default, OpenSearch UI metadata is encrypted with AWS owned keys. To use your own customer managed key (CMK) for encryption, see [Encrypting OpenSearch UI application metadata with customer managed keys](./application-encryption-cmk.html).
+
+  8. (Optional) In the **Tags** area, apply one or more tag key name/value pairs to the application.
@@ -211 +213 @@ Tags are optional metadata that you assign to a resource. Tags allow you to cate
-  8. Choose **Create**.
+  9. Choose **Create**.
@@ -529 +531 @@ Release history
-Enabling SAML federation with IAM
+Encryption and Customer Managed Key