top of page

ES.1

Elasticsearch domains should have encryption at-rest enabled

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon Elasticsearch

AWS Foundational Best Practice, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,

This AWS control checks whether Elasticsearch domains have encryption at rest configuration enabled. This check fails if the EncryptionAtRestOptions field is not enabled.

bottom of page