Ensure Elasticsearch is running the latest version

When running AWS ES clusters with the latest version of Elasticsearch engine you will get the latest features and enhancements as well as have all the bug fixes and security patches for the engine. For this reason it is considered a security best practice to run the latest version of Elasticsearch. Ensuring the latest patched version of Elasticsearch will help you with PCI-DSS compliance.

Audit & Remediation



  • If you are running an a version other than the latest, then doing a backup of the data and restore into a new Domain is suggested.
  • In order to change this feature you will be required to do a manual snapshot of the Elasticsearch domain and restore a to a new Elasticsearch domain.
  • Follow directions located here in order to perform the recreation fo the Elasticsearch domain. https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-managedomains-snapshots.html
  • Select each Elasticsearch cluster and on the main tab look to see if an upgrade is currently available.



  • Select the Update button to initiate the update to the latest version.
  • Repeat the outlined steps in each of your accounts.
See all of your AWS EC2 Instances in a single place!

Do you want to see all of your AWS EC2 Instances in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.


Other Key Features


Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +