AWS opensearch-service documentation change
Summary
Added note about IAM authentication requirement for DirectQuery in Discover
Security assessment
Documents authentication requirements for a security-sensitive feature (DirectQuery) but doesn't address a specific vulnerability. Adds security-related documentation about access controls.
Diff
diff --git a/opensearch-service/latest/developerguide/direct-query-security-lake-configure.md b/opensearch-service/latest/developerguide/direct-query-security-lake-configure.md index 73dac1175..70ce47455 100644 --- a//opensearch-service/latest/developerguide/direct-query-security-lake-configure.md +++ b//opensearch-service/latest/developerguide/direct-query-security-lake-configure.md @@ -12,0 +13,4 @@ Now that you've created your data source, you can set it up in OpenSearch Dashbo +###### Note + +DirectQuery in Discover is only supported when logging into the OpenSearch UI application with IAM authentication. IAM Identity Center (IAM Identity Center) is not supported for DirectQuery. Since DirectQuery Security Lake can only be used from Discover, customers using IAM Identity Center cannot use DirectQuery Security Lake. +