Ensure that encryption of data at rest is enabled on Elasticsearch domains

The encryption of data at rest is a security feature that helps prevent unauthorized access to your data. When the feature is enabled, it encrypts sensitive information on your Elasticsearch domains and their storage systems such as Indices, Elasticsearch Logs, Swap files, automated snapshots and all other data in the application directory. The ElasticSearch at-rest encryption feature uses AWS KMS service to store and manage the encryption keys.