nino-filigran
commented
4 months ago @leetn00b thanks for your request. We're not sure yet if we'll tackle it, since we try to remain as much cloud agnostic as we can and supporting specific authentication method for each of their specific services can be cumbersome. As a result, we'll investigate the usage of serverless, the adoption of it in the community among other things before taking a firm decision.
Use case
Support the use of OpenSearch Serverless to decrease the complexity of scaling OpenCTI.
"Amazon OpenSearch Serverless is an on-demand serverless configuration for Amazon OpenSearch Service. Serverless removes the operational complexities of provisioning, configuring, and tuning your OpenSearch clusters."
Current Workaround
No workaround possible, there were many errors I ran into in testing, mainly in
src/database/engine.jsthat will need to be handled in order to support OpenSearch Serverless. Keep in mind that authentication to the OpenSearch Serverless endpoint is controlled via principal ARN in a data access policy, so no API key or username/password can be used, rather the ECS task role ARN is used and given access to various aoss:* permissions for the collection and it's indexes.