An Elasticsearch cluster that has HTTPS enabled is evaluated as Compliant.
Scenarios
Use this rule to verify that HTTPS is enabled for Elasticsearch clusters, improving data security, integrity, and compliance.
Risk level
Default risk level: medium.
You can change the risk level based on your business requirements when you apply this rule.
Compliance evaluation logic
-
If HTTPS is enabled for an Elasticsearch cluster, the evaluation result is Compliant.
-
If HTTPS is not enabled for an Elasticsearch cluster, the evaluation result is Non-compliant.
Rule details
|
Item |
Description |
|
Rule name |
elasticsearch-instance-used-https-protocol |
|
Rule identifier |
|
|
Tag |
Elasticsearch and Instance |
|
Automatic remediation |
Not supported |
|
Trigger type |
Periodic execution |
|
Evaluation frequency |
Every 24 hours |
|
Supported resource type |
Elasticsearch cluster |
|
Input parameter |
None |
Non-compliance remediation
Enable HTTPS for the Elasticsearch cluster and use HTTP over SSL to secure data transmission. For more information, see Enable HTTPS.