Aqua CSPM

ElasticSearch IAM Authentication

Quick Info

Plugin TitleElasticSearch IAM Authentication
CloudAWS
CategoryES
DescriptionEnsures ElasticSearch domains require IAM Authentication
More InfoElasticSearch domains can allow access without IAM authentication by having a policy that does not specify the principal or has a wildcard principal
AWS Linkhttps://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html
Recommended ActionConfigure the ElasticSearch domain to have an access policy without a global principal or no principal

Detailed Remediation Steps