AWS Misconfigurations
Elastic Search Audit
Checks performed
- Elastic Cache Encrypted at Rest and in Transit
- Elastic Cache Encrypted at Rest and in Transit
- Elasticache RBAC Authentication Enabled
- Elasticache Clusters Automatic Backup Enabled
- Elasticache Automatic Failover Enabled
- Auth Enabled for ElastiCache Replication Groups
- Elasticsearch Cluster Status Should Be Healthy
- Elasticsearch Domains Should Not Allow Cross Account Access
- Elasticsearch Clusters Should Have Dedicated Master Enabled
- Elasticsearch Should Use The Desired Instance Type
- Elasticsearch Domains Should Not Be Publicly Exposed
- ElasticSearch Domains Should Be Encrypted
- Elasticsearch Domain Should Be Encrypted with KMS CMKs
- Elasticsearch Should Have Free Storage Space
- Elasticsearch Should Use General Purpose SSD
- ElasticSearch Should Use HTTPS Only
- Elasticsearch Clusters Should Not Be Idle
- Elasticsearch Instance Count
- ElasticSearch Domains Should Use The Latest Service Software
- ElasticSearch Should Have Logging Enabled
- ElasticSearch Domains Should Have Node To Node Encryption
- ElasticSearch Domains Should Be Launched With Private VPC Endpoints
- Elasticsearch Reserved Instance Lease Expiration In The Next 7 Days
- Elasticsearch Reserved Instance Lease Expiration In The Next 30 Days
- Elasticsearch Reserved Instance Should Not Have Status - Payment Failed
- Elasticsearch Reserved Instance Should Not Have Status - Payment Pending
- Elasticsearch Reserved Instance Recent Purchases Should Be Reviewed
- ElasticSearch Domains Should Use The Latest Service Software
- Elasticsearch Domains Should Be Accessible Only From Whitelisted IP Addresses
- Elasticsearch Should Have Zone Awareness Enabled