All Products
Search
Document Center

Cloud Config:Enable disk encryption for elastic data nodes of Elasticsearch instances

Last Updated:Jun 22, 2026

Checks that disk encryption is enabled for elastic data nodes of Elasticsearch instances. Instances without elastic data nodes are evaluated as not applicable.

Risk level

The default risk level is Medium.

You can change the risk level based on your business requirements.

Detection logic

  • An Elasticsearch instance is compliant if disk encryption is enabled for its elastic data nodes. This rule does not apply to Elasticsearch instances that do not have elastic data nodes.

Rule details

Parameter

Description

Rule name

Enable disk encryption for elastic data nodes of Elasticsearch instances

Rule identifier

elasticsearch-instance-enabled-node-config-disk-encryption

Tag

Elasticsearch

Automatic remediation

Not supported

Rule trigger

Configuration change

Supported resource types

ACS::Elasticsearch::Instance

Input parameters

None

Remediation

To remediate a non-compliant resource, see ES instance node configurations.