Identify any publicly accessible AWS Elasticsearch domains and update their access policy in order to stop any unsigned requests made to these resources (ES clusters).
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS.
Allowing anonymous access to your ES domains is not recommended and is considered bad practice. To protect your domains against unauthorized access, Amazon Elasticsearch Service provides preconfigured access policies (resource-based, IP-based and IAM user/role-based policies) that you can customize as needed, as well as the ability to import access policies from other AWS ES domains.
To determine if your Elasticsearch domains are open to the world, perform the following:
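One way to automate this check, as an added example that is not part of the original page or the Cloud Conformity tool: the function below takes a domain's access policy as a JSON string and returns the `Allow` statements that are open to the world. The account ID, domain name, role name and CIDR in the sample policies are constructed placeholders, and treating any condition other than an `aws:SourceIp` of `0.0.0.0/0` as restricting is an assumption of this sketch.

```python
import json

# Constructed sample policies (account ID, domain, role and CIDR are placeholders).
RESOURCE = "arn:aws:es:us-east-1:111122223333:domain/example-domain/*"
OPEN_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "es:*", "Resource": RESOURCE}]})
IP_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "es:*", "Resource": RESOURCE,
     "Condition": {"IpAddress": {"aws:SourceIp": ["203.0.113.0/24"]}}}]})
IAM_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/example-es-role"},
     "Action": "es:*", "Resource": RESOURCE}]})


def _as_list(value):
    """IAM JSON allows a single value wherever a list is allowed."""
    return value if isinstance(value, list) else ([] if value is None else [value])


def _wildcard_principal(principal):
    """True for "Principal": "*" and for {"AWS": "*"} (alone or in a list)."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS"))


def _open_condition(condition):
    """No Condition at all, or a SourceIp allow-list that covers every address."""
    if not condition:
        return True
    cidrs = _as_list(condition.get("IpAddress", {}).get("aws:SourceIp"))
    return "0.0.0.0/0" in cidrs  # assumption: other conditions do restrict access


def world_open_statements(policy_json):
    """Return the Allow statements that anyone on the internet can use."""
    policy = json.loads(policy_json or "{}")  # a domain may have no policy set
    return [s for s in _as_list(policy.get("Statement"))
            if s.get("Effect") == "Allow"
            and _wildcard_principal(s.get("Principal"))
            and _open_condition(s.get("Condition"))]


if __name__ == "__main__":
    for name, doc in [("open", OPEN_POLICY), ("ip", IP_POLICY), ("iam", IAM_POLICY)]:
        print(name, "PUBLIC" if world_open_statements(doc) else "restricted")
```

A non-empty result means the domain accepts requests from any caller and its policy should be replaced with an IP-based or IAM user/role-based one.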
To block anonymous access to your Amazon Elasticsearch domains, perform the following actions: