- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
This control verifies if node-to-node encryption is enabled for an Elasticsearch domain. The control will not pass if the Elasticsearch domain lacks node-to-node encryption. Additionally, it will generate failed findings if the Elasticsearch version does not support node-to-node encryption checks.
Using HTTPS (TLS) is recommended to prevent attackers from intercepting or altering network traffic through person-in-the-middle or similar attacks. Only encrypted connections via HTTPS (TLS) should be permitted. Enabling node-to-node encryption for Elasticsearch domains ensures that communication within the cluster is encrypted during transit.
There may be performance costs associated with this configuration. It is advisable to be aware of and evaluate the performance trade-offs before enabling this feature.
For details on how to enable node-to-node encryption for both new and existing domains, refer to the section Enabling node-to-node encryption in the Amazon OpenSearch Service Developer Guide.