top of page
ES.1
Elasticsearch domains should have encryption at-rest enabled
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
Amazon Elasticsearch
AWS Foundational Best Practice, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,
This AWS control checks whether Elasticsearch domains have encryption at rest configuration enabled. This check fails if the EncryptionAtRestOptions field is not enabled.
bottom of page