# elasticsearch-encrypted-at-rest
<a name="elasticsearch-encrypted-at-rest"></a>

Checks if Amazon OpenSearch Service (previously called Elasticsearch) domains have encryption at rest configuration enabled. The rule is NON\$1COMPLIANT if the EncryptionAtRestOptions field is not enabled. 



**Identifier:** ELASTICSEARCH\$1ENCRYPTED\$1AT\$1REST

**Resource Types:** AWS::Elasticsearch::Domain

**Trigger type:** Periodic

**AWS Region:** All supported AWS regions

**Parameters:**

None  

## AWS CloudFormation template
<a name="w2aac20c16c17b7d753c19"></a>

To create AWS Config managed rules with AWS CloudFormation templates, see [Creating AWS Config Managed Rules With AWS CloudFormation Templates](aws-config-managed-rules-cloudformation-templates.md).