elasticsearch-encrypted-at-rest
Checks if Amazon OpenSearch Service (previously called Elasticsearch) domains have encryption at rest configuration enabled. The rule is NON_COMPLIANT if the EncryptionAtRestOptions field is not enabled.
Identifier: ELASTICSEARCH_ENCRYPTED_AT_REST
Resource Types: AWS::Elasticsearch::Domain
Trigger type: Periodic
Amazon Web Services Region: All supported Amazon regions
Parameters:
- None
Amazon CloudFormation template
To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.