github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/elasticsearch/AVD-AWS-0126/CloudFormation.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/elasticsearch/AVD-AWS-0126/CloudFormation.md (about)

     1  
     2  Use the most modern TLS/SSL policies available
     3  
     4  ```yaml---
     5  Resources:
     6    GoodExample:
     7      Type: AWS::Elasticsearch::Domain
     8      Properties:
     9        DomainName: 'test'
    10        ElasticsearchVersion: '7.10'
    11        DomainEndpointOptions:
    12          TLSSecurityPolicy: Policy-Min-TLS-1-2-2019-07
    13        EncryptionAtRestOptions:
    14          Enabled: true
    15          KmsKeyId: alias/kmskey
    16        ElasticsearchClusterConfig:
    17          DedicatedMasterEnabled: true
    18          InstanceCount: '2'
    19          ZoneAwarenessEnabled: true
    20          InstanceType: 'm3.medium.elasticsearch'
    21          DedicatedMasterType: 'm3.medium.elasticsearch'
    22          DedicatedMasterCount: '3'
    23        EBSOptions:
    24          EBSEnabled: true
    25          Iops: '0'
    26          VolumeSize: '20'
    27          VolumeType: 'gp2'
    28  
    29  ```
    30  
    31