Control: AWS > NIST 800-53 > Elasticsearch > ES domain encryption at rest should be enabled

Because sensitive data can exist and to help protect data at rest, ensure encryption is enabled for your Amazon Elasticsearch Service (Amazon ES) domains

Resource Types

This control targets the following resource types:

AWS > Elasticsearch > Domain

In Your Workspace

Controls by Resource report
Controls by Control Type report

Developers

Control Type URI

tmod:@turbot/aws-nist-800-53#/control/types/esDomainEncryptionAtRestEnabled

Category URI

tmod:@turbot/turbot#/control/categories/complianceNist80053

GraphQL

query controlType(id: "tmod:@turbot/aws-nist-800-53#/control/types/esDomainEncryptionAtRestEnabled") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-nist-800-53#/control/types/esDomainEncryptionAtRestEnabled'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/esDomainEncryptionAtRestEnabled"