2025 11 18

AWS – Amazon OpenSearch Serverless now adds audit logs for data plane APIs

Amazon OpenSearch Serverless now supports detailed audit logging of data plane requests via AWS CloudTrail. This feature enables customers to record user actions on their collections, helping meet compliance regulations, improve security posture, and provide evidence for security investigations. Customers can now track user activities such as authorization attempts, index modifications, and search queries.

Customers can use CloudTrail to configure filters for OpenSearch Serverless collections with read-only and write-only options, or use advanced event selectors for more granular control over logged data events. All OpenSearch Serverless data events are delivered to an Amazon S3 bucket and optionally to Amazon CloudWatch Events, creating a comprehensive audit trail. This enhanced visibility into when and who made API calls helps security and operations teams monitor data access and respond to events in real-time.

Once configured with CloudTrail, audit logs will be continuously streamed with no additional customer action required. Audit Logs will be continuously streamed to CloudTrail and can be further analyzed there.

Please refer to the AWS Regional Services List for more information about Amazon OpenSearch Service availability. To learn more about OpenSearch Serverless, see the documentation.

AWS – Amazon OpenSearch Serverless now adds audit logs for data plane APIs

Related Posts

AWS – Amazon EC2 P6-B300 instances with NVIDIA Blackwell Ultra GPUs are now available

AWS – EC2 Auto Scaling now offers a synchronous API to launch instances inside an Auto Scaling group

AWS – Amazon Bedrock introduces Priority and Flex inference service tiers