Checks whether the disk encryption feature is enabled for the data nodes of each Elasticsearch instance. If so, the evaluation result is Compliant.
Scenarios
This rule applies when you need to store data as ciphertext on disks. This way, the system automatically encrypts data when the data is written to the disk and decrypts data when the data is read from the disk. This helps improve the security of data storage.
Risk level
Default risk level: medium.
When you configure this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If the disk encryption feature is enabled for the data nodes of each Elasticsearch instance, the evaluation result is Compliant.
- If the disk encryption feature is disabled for the data nodes of an Elasticsearch instance, the evaluation result is Incompliant.
Rule details
| Item | Description |
|---|---|
| Rule name | elasticsearch-instance-enabled-data-node-encryption |
| Rule identifier | elasticsearch-instance-enabled-data-node-encryption |
| Tag | Elasticsearch and Instance |
| Automatic remediation | Not supported |
| Trigger type | Periodic execution |
| Evaluation frequency | Interval of 24 hours |
| Supported resource type | Elasticsearch instances |
| Input parameter | None |