AWS Elasticsearch should not be publicly accessible from the internet to protect data from unauthorized user access, data loss and possible leakage of sensitive data.
- Make necessary changes to the access control policy and security groups to make the ES endpoint private.
- Allow only a specific list of IP addresses.
- Once the ElasticSearch endpoint is not publicly accessible Bridgecrew will automatically close the issue.
- You can also request exception from the policy violation details page.
- SecOps will review and involve DSO if required and grant exception; Bridgecrew will automatically ignore this resource until the expiry of exception.
Updated over 1 year ago