https://avd.aquasec.com/misconfig/aws/es/elasticsearch-iam-authentication/