Checks whether the disk encryption feature is enabled for the data nodes of each Elasticsearch instance. If so, the evaluation result is Compliant.

Scenarios

This rule applies when you need to store data as ciphertext on disks. This way, the system automatically encrypts data when the data is written to the disk and decrypts data when the data is read from the disk. This helps improve the security of data storage.

Risk level

Default risk level: medium.

When you configure this rule, you can change the risk level based on your business requirements.

Compliance evaluation logic

  • If the disk encryption feature is enabled for the data nodes of each Elasticsearch instance, the evaluation result is Compliant.
  • If the disk encryption feature is disabled for the data nodes of an Elasticsearch instance, the evaluation result is Incompliant.

Rule details

ItemDescription
Rule nameelasticsearch-instance-enabled-data-node-encryption
Rule identifierelasticsearch-instance-enabled-data-node-encryption
TagElasticsearch and Instance
Automatic remediationNot supported
Trigger typePeriodic execution
Evaluation frequencyInterval of 24 hours
Supported resource typeElasticsearch instances
Input parameterNone