Skip to main content

🔌 AWS OpenSearch Domain - object.extracts.yaml

  • Contextual name: 🔌 object.extracts.yaml
  • ID: /types/CA10__CaAwsElasticsearchDomain__c/object.extracts.yaml

Used In

LogicPolicyFlags
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain audit logging is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain Dedicated Master Count is fewer than three🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain error logging is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain fine-grained access control is not enabled🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain has a public endpoint🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain is not encrypted at rest🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain is not encrypted with the latest TLS policy🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain Instance Count is fewer than three🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain latest Service Software Update is not installed🟢🟢 x3
🧠 prod.logic.yaml🟢🛡️ AWS OpenSearch Domain Node To Node Encryption is not enabled🟢🟢 x3

Content

Open File

---
extracts:
# Values: true | false (TEXT). Not nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__created__c"
    value:
      FIELD:
        path: "CA10__created__c"
# Values: true | false (TEXT). Not nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__serviceSoftwareUpdateAvailable__c"
    value:
      FIELD:
        path: "CA10__serviceSoftwareUpdateAvailable__c"
        undeterminedIf:
          isEmpty: "The service software update status is not populated in the CMDB."
# Values: true | false (TEXT). Not nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__advancedSecurityEnabled__c"
    value:
      FIELD:
        path: "CA10__advancedSecurityEnabled__c"
        undeterminedIf:
          isEmpty: "The fine-grained access control setting is not populated in the CMDB."
# Checkbox
  - name: "CA10__encryptionAtRestEnabled__c"
    value:
      FIELD:
        path: "CA10__encryptionAtRestEnabled__c"
# Nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__endpoint__c"
    value:
      FIELD:
        path: "CA10__endpoint__c"
# Nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__vpcEndpoints__c"
    value:
      FIELD:
        path: "CA10__vpcEndpoints__c"
# Checkbox
  - name: "CA10__nodeToNodeEncryptionEnabled__c"
    value:
      FIELD:
        path: "CA10__nodeToNodeEncryptionEnabled__c"
# Nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__logPublishingOptionsJson__c"
    value:
      FIELD:
        returnType: "BYTES"
        path: "CA10__logPublishingOptionsJson__c"
  - name: "caJsonFrom__logPublishingOptionsJson__c"
    value:
      JSON_FROM:
        arg:
          EXTRACT: "CA10__logPublishingOptionsJson__c"
        undeterminedIf:
          isInvalid: "Log Publishing Options JSON is invalid."
# Not nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__clusterConfigInstanceCount__c"
    value:
      FIELD:
        path: "CA10__clusterConfigInstanceCount__c"
# Not nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__clusterConfigZoneAwarenessEnabled__c"
    value:
      FIELD:
        path: "CA10__clusterConfigZoneAwarenessEnabled__c"
# Nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__clusterConfigDedicatedMasterEnabled__c"
    value:
      FIELD:
        path: "CA10__clusterConfigDedicatedMasterEnabled__c"
# Nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__clusterConfigDedicatedMasterCount__c"
    value:
      FIELD:
        path: "CA10__clusterConfigDedicatedMasterCount__c"
# Nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__endpointOptionsEnforceHttps__c"
    value:
      FIELD:
        path: "CA10__endpointOptionsEnforceHttps__c"
# Nullable. Can't have no access retrieved via es:DescribeDomains
  - name: "CA10__endpointOptionsTlsSecurityPolicy__c"
    value:
      FIELD:
        path: "CA10__endpointOptionsTlsSecurityPolicy__c"