AWS maps OpenSearch connectivity patterns

Part 2 of the AWS Big Data Blog series on OpenSearch Serverless was published March 24, 2026 and lists Ankush Goyal and Salman Ahmed as authors. (aws.amazon.com) The post prescribes a central networking account that maintains a self-managed private hosted zone (PHZ) populated with CNAME records that map each collection endpoint to the regional DNS name of that collection’s VPC endpoint. (aws.amazon.com) That PHZ is shared to consumer/spoke accounts using an Amazon Route 53 Profile and AWS Resource Access Manager (AWS RAM) so DNS records propagate without requiring each business unit to associate their PHZs with every consumer VPC. (aws.amazon.com) AWS calls out DNS fragmentation as the core operational problem—OpenSearch Serverless VPC endpoints create per-account private hosted zones that only resolve inside their owning VPCs, which prevents on‑prem and cross‑account consumers from resolving collection endpoints without extra DNS plumbing. (aws.amazon.com) The blog presents two concrete patterns: “Pattern 1” that routes on‑premises resolution through a Route 53 Resolver inbound endpoint in the central networking VPC, and “Pattern 2” that enables spoke-account resolution against the same central PHZ. (aws.amazon.com) Part 1 of the series (also published March 24, 2026) contrasts this distributed-DNS approach with a centralized model where a single account hosts multiple collections behind a shared interface VPC endpoint and uses Route 53 Profiles for DNS propagation. (aws.amazon.com) AWS published supporting artifacts and examples in its community repos and modules, including an opensearch-serverless common-usage-patterns GitHub repo and an AWS-IA Terraform module for OpenSearch Serverless infrastructure. (github.com)