All Products
Search
Document Center

Cloud Config:elasticsearch-instance-used-https-protocol

Last Updated:Jun 23, 2026

An Elasticsearch cluster that has HTTPS enabled is evaluated as Compliant.

Scenarios

Use this rule to verify that HTTPS is enabled for Elasticsearch clusters, improving data security, integrity, and compliance.

Risk level

Default risk level: medium.

You can change the risk level based on your business requirements when you apply this rule.

Compliance evaluation logic

  • If HTTPS is enabled for an Elasticsearch cluster, the evaluation result is Compliant.

  • If HTTPS is not enabled for an Elasticsearch cluster, the evaluation result is Non-compliant.

Rule details

Item

Description

Rule name

elasticsearch-instance-used-https-protocol

Rule identifier

elasticsearch-instance-used-https-protocol

Tag

Elasticsearch and Instance

Automatic remediation

Not supported

Trigger type

Periodic execution

Evaluation frequency

Every 24 hours

Supported resource type

Elasticsearch cluster

Input parameter

None

Non-compliance remediation

Enable HTTPS for the Elasticsearch cluster and use HTTP over SSL to secure data transmission. For more information, see Enable HTTPS.