Amazon OpenSearch Service: Confused Deputy Prevention Update

AI Impact Summary

Amazon OpenSearch Service now supports using condition context keys in IAM resource policies to prevent the confused deputy problem, a critical security vulnerability. This update, effective with R20211203 or later software, requires careful configuration to avoid potential issues with data access and routing, particularly for cross-service traffic. Organizations should review their OpenSearch deployments and implement these condition keys to mitigate this risk.