Checks whether disk encryption is enabled for the data nodes of an Elasticsearch instance.
Scenarios
Disk encryption stores data as ciphertext on disk. Data is automatically encrypted on write and decrypted on read, enhancing data storage security.
Risk level
Default risk level: Medium.
You can change the risk level of this rule as needed.
Detection logic
- Compliant: Disk encryption is enabled for the data nodes of the Elasticsearch instance.
- Non-compliant: Disk encryption is not enabled for the data nodes of the Elasticsearch instance. For more information, see Remediation.
Rule details
| Parameter | Description |
| Rule name | Disk encryption is enabled for data nodes of Elasticsearch instances |
| Rule identifier | elasticsearch-instance-enabled-data-node-encryption |
| Tags | Elasticsearch, Instance |
| Automatic remediation | Not supported |
| Trigger mechanism | Periodic Execution |
| Trigger frequency | 24 hours |
| Supported resource types | Elasticsearch instance |
| Input parameters | None |
Remediation
Enable disk encryption for the data nodes of the Elasticsearch instance. For more information, see Parameters on the purchase page.