You should ensure your Elasticsearch data is encrypted at rest to help prevent sensitive information from being read by unauthorised users.
Data will be readable if compromised
Enable ElasticSearch domain encryption
The following example will fail the aws-elastic-service-enable-domain-encryption check.
The following example will pass the aws-elastic-service-enable-domain-encryption check.