Allowing unrestricted, public access to cloud services could open an application up to external attack. Disallowing this access is typically considered best practice.
AWS OpenSearch (formerly ElasticSearch) can be configured to use IAM policies similar to most other Amazon services. To learn more about how to configure IAM policies to use with OpenSearch, see the AWS documentation (below).
In Terraform -
References:
https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac-managed.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain