Control: AWS > NIST 800-53 > Elasticsearch > Elasticsearch domain node-to-node encryption should be enabled

Ensure node-to-node encryption for Amazon Elasticsearch Service is enabled. Node-to-node encryption enables TLS 1.2 encryption for all communications within the Amazon Virtual Private Cloud (Amazon VPC).

Resource Types

This control targets the following resource types:

AWS > Elasticsearch > Domain

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-nist-800-53#/control/types/esDomainNodeToNodeEncryptionEnabled

Category URI

tmod:@turbot/turbot#/control/categories/complianceNist80053

GraphQL

query controlType(id: "tmod:@turbot/aws-nist-800-53#/control/types/esDomainNodeToNodeEncryptionEnabled") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-nist-800-53#/control/types/esDomainNodeToNodeEncryptionEnabled'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/esDomainNodeToNodeEncryptionEnabled"