Query: Elasticsearch domain node-to-node encryption should be enabled

Description

Ensure node-to-node encryption for AWS Elasticsearch Service is enabled. Node-to-node encryption enables TLS 1.2 encryption for all communications within the AWS Virtual Private Cloud (AWS VPC).

Query

Tables used in this query:

• aws_elasticsearch_domain

Controls using this query:

• 3 Amazon Elasticsearch Service domains should encrypt data sent between nodes
• Elasticsearch domain node-to-node encryption should be enabled

SQL