# elasticsearch-encrypted-at-rest
<a name="elasticsearch-encrypted-at-rest"></a>

Checks if Amazon OpenSearch Service (previously called Elasticsearch) domains have encryption at rest configuration enabled. The rule is NON\$1COMPLIANT if the EncryptionAtRestOptions field is not enabled. 



**Identifier:** ELASTICSEARCH\$1ENCRYPTED\$1AT\$1REST

**Resource Types:** AWS::Elasticsearch::Domain

**Trigger type:** Periodic

**Amazon Web Services Region:** All supported Amazon regions

**Parameters:**

None  

## Amazon CloudFormation template
<a name="w2aac20c16c17b7d753c19"></a>

To create Amazon Config managed rules with Amazon CloudFormation templates, see [Creating Amazon Config Managed Rules With Amazon CloudFormation Templates](aws-config-managed-rules-cloudformation-templates.md).