AWS GovCloud (US)
User Guide

Amazon Elasticsearch Service

The following list details the differences for using this service in the AWS GovCloud (US) Region compared to other AWS regions:

  • The Amazon Elasticsearch Service endpoint does not yet support FIPS 140-2.

For more information about Amazon Elasticsearch Service, see the documentation.

ITAR Boundary

The ITAR boundary defines where customers are allowed to store ITAR-regulated data for this service in the AWS GovCloud (US) Region. You must comply with the boundaries in order to maintain ITAR compliance. If you do not have any ITAR-regulated data in the AWS GovCloud (US) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted

ITAR-Regulated Data Not Permitted

  • All documents entered, stored, and processed in an Elasticsearch cluster can contain ITAR-regulated data.

  • Amazon Elasticsearch Service metadata is not permitted to contain ITAR-regulated data. This metadata includes all configuration data that you specify when creating and maintaining your Elasticsearch clusters and indices, such as index names, alias names, tags, snapshot names, and repository names.

  • Do not enter ITAR-regulated data in the following fields:

    • Domain name

    • Index names

    • Type names

    • Document IDs

    • Snapshot names

    • Resource tags

    • Repository names

    • Alias names

    • CloudWatch log group names

On this page: