AWS Elasticsearch
Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes
Design Guidance:
Access Policies | ||
Advanced Security Options-Enabled | ||
Cognito Options-Role Arn |
Design Guidance:
Advanced Security Options-Internal User Database Enabled | ||
Master User Options-Master User Arn | ||
Master User Options-Master User Name | ||
Master User Options-Master User Password | ||
Cognito Options-Enabled | ||
Cognito Options-Identity Pool Id | ||
Cognito Options-User Pool Id |
SAMLoptions-Enabled | |
Idp-Entity Id | |
Idp-Metadata Content | |
SAMLoptions-Subject Key |
Design Guidance:
Domain Endpoint Options-Enforce HTTPS | ||
Node To Node Encryption Options-Enabled | ||
Domain Endpoint Options-TLSsecurity Policy |
Design Guidance:
Ebsoptions-Ebsenabled | ||
Ebsoptions-Iops | ||
Ebsoptions-Volume Size | ||
Ebsoptions-Volume Type | ||
Zone Awareness Config-Availability Zone Count |