ElasticSearch Not Encrypted At Rest
- Query id: 24e16922-4330-4e9d-be8a-caa90299466a
- Query name: ElasticSearch Not Encrypted At Rest
- Platform: Terraform
- Severity: High
- Category: Encryption
- CWE: 311
- URL: Github
Description¶
Check if ElasticSearch encryption is disabled at Rest
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_elasticsearch_domain" "positive1" {
domain_name = "example"
elasticsearch_version = "1.5"
}
resource "aws_elasticsearch_domain" "positive2" {
domain_name = "example"
elasticsearch_version = "1.5"
encrypt_at_rest {
enabled = false
}
}