Updated check titles

checks/check_extra715

@@ -11,7 +11,7 @@
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
 CHECK_ID_extra715="7.15"
-CHECK_TITLE_extra715="[extra715] Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)"
+CHECK_TITLE_extra715="[extra715] Check if Amazon Elasticsearch Service (ES) domains have logging enabled"
 CHECK_SCORED_extra715="NOT_SCORED"
 CHECK_TYPE_extra715="EXTRA"
 CHECK_ALTERNATE_check715="extra715"
@@ -23,19 +23,19 @@ extra715(){
       for domain in $LIST_OF_DOMAINS;do
         SEARCH_SLOWLOG_ENABLED=$($AWSCLI es describe-elasticsearch-domain-config --domain-name $domain $PROFILE_OPT --region $regx --query DomainConfig.LogPublishingOptions.Options.SEARCH_SLOW_LOGS.Enabled --output text |grep -v ^None|grep -v ^False)
         if [[ $SEARCH_SLOWLOG_ENABLED ]];then
-          textPass "$regx: ElasticSearch Service domain $domain SEARCH_SLOW_LOGS enabled" "$regx"
+          textPass "$regx: Amazon Elasticsearch Service (ES) domain $domain SEARCH_SLOW_LOGS enabled" "$regx"
         else
-          textFail "$regx: ElasticSearch Service domain $domain SEARCH_SLOW_LOGS disabled!" "$regx"
+          textFail "$regx: Amazon Elasticsearch Service (ES) domain $domain SEARCH_SLOW_LOGS disabled!" "$regx"
         fi
         INDEX_SLOWLOG_ENABLED=$($AWSCLI es describe-elasticsearch-domain-config --domain-name $domain $PROFILE_OPT --region $regx --query DomainConfig.LogPublishingOptions.Options.INDEX_SLOW_LOGS.Enabled --output text |grep -v ^None|grep -v ^False)
         if [[ $INDEX_SLOWLOG_ENABLED ]];then
-          textPass "$regx: ElasticSearch Service domain $domain INDEX_SLOW_LOGS enabled" "$regx"
+          textPass "$regx: Amazon Elasticsearch Service (ES) domain $domain INDEX_SLOW_LOGS enabled" "$regx"
         else
-          textFail "$regx: ElasticSearch Service domain $domain INDEX_SLOW_LOGS disabled!" "$regx"
+          textFail "$regx: Amazon Elasticsearch Service (ES) domain $domain INDEX_SLOW_LOGS disabled!" "$regx"
         fi
       done
     else
-      textInfo "$regx: No Elasticsearch Service domain found" "$regx"
+      textInfo "$regx: No Amazon Elasticsearch Service (ES) domain found" "$regx"
     fi
   done
 }

checks/check_extra716

@@ -11,7 +11,7 @@
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
 CHECK_ID_extra716="7.16"
-CHECK_TITLE_extra716="[extra716] Check if Elasticsearch Service domains are set as Public and have cross account access (Not Scored) (Not part of CIS benchmark)"
+CHECK_TITLE_extra716="[extra716] Check if Amazon Elasticsearch Service (ES) domains are set as Public and have cross account access"
 CHECK_SCORED_extra716="NOT_SCORED"
 CHECK_TYPE_extra716="EXTRA"
 CHECK_ALTERNATE_check716="extra716"
@@ -27,14 +27,14 @@ extra716(){
         # check if the policy has Principal as *
         CHECK_ES_DOMAIN_ALLUSERS_POLICY=$(cat $TEMP_POLICY_FILE | jq -r '. | .Statement[] | select(.Effect == "Allow" and (((.Principal|type == "object") and .Principal.AWS == "*") or ((.Principal|type == "string") and .Principal == "*")) and .Condition == null)')
         if [[ $CHECK_ES_DOMAIN_ALLUSERS_POLICY ]];then
-          textFail "$regx: $domain policy allow Anonymous cross account access (Principal: \"*\")" "$regx"
+          textFail "$regx: Amazon Elasticsearch Service (ES) $domain policy allow Anonymous cross account access (Principal: \"*\")" "$regx"
         else
-          textPass "$regx: $domain does not allow Anonymous cross account access" "$regx"
+          textPass "$regx: Amazon Elasticsearch Service (ES) $domain does not allow Anonymous cross account access" "$regx"
         fi
         rm -f $TEMP_POLICY_FILE
       done
     else
-      textInfo "$regx: No Elasticsearch Service domain found" "$regx"
+      textInfo "$regx: No Amazon Elasticsearch Service (ES) domain found" "$regx"
     fi
   done
 }

checks/check_extra781

@@ -11,7 +11,7 @@
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
 CHECK_ID_extra781="7.81"
-CHECK_TITLE_extra781="[extra781] Check if Elasticsearch Service domains has encryption at-rest enabled (Not Scored) (Not part of CIS benchmark)"
+CHECK_TITLE_extra781="[extra781] Check if Amazon Elasticsearch Service (ES) domains has encryption at-rest enabled (Not Scored) (Not part of CIS benchmark)"
 CHECK_SCORED_extra781="NOT_SCORED"
 CHECK_TYPE_extra781="EXTRA"
 CHECK_ALTERNATE_check781="extra781"
@@ -23,13 +23,13 @@ extra781(){
       for domain in $LIST_OF_DOMAINS;do
         CHECK_IF_ENCREST_ENABLED=$($AWSCLI es describe-elasticsearch-domain --domain-name $domain $PROFILE_OPT --region $regx --query 'DomainStatus.EncryptionAtRestOptions.Enabled' --output text|grep -i true)
         if [[ $CHECK_IF_ENCREST_ENABLED ]];then
-          textPass "$regx: $domain has encryption at-rest enabled" "$regx"
+          textPass "$regx: Amazon Elasticsearch Service (ES) $domain has encryption at-rest enabled" "$regx"
         else 
-          textFail "$regx: $domain does not have encryption at-rest enabled" "$regx"
+          textFail "$regx: Amazon Elasticsearch Service (ES) $domain does not have encryption at-rest enabled" "$regx"
         fi
       done
     else
-      textInfo "$regx: No Elasticsearch Service domains found" "$regx"
+      textInfo "$regx: No Amazon Elasticsearch Service (ES) domains found" "$regx"
     fi
   done
 }

checks/check_extra782

@@ -11,7 +11,7 @@
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
 CHECK_ID_extra782="7.82"
-CHECK_TITLE_extra782="[extra782] Check if Elasticsearch Service domains has node-to-node encryption enabled (Not Scored) (Not part of CIS benchmark)"
+CHECK_TITLE_extra782="[extra782] Check if Amazon Elasticsearch Service (ES) domains has node-to-node encryption enabled (Not Scored) (Not part of CIS benchmark)"
 CHECK_SCORED_extra782="NOT_SCORED"
 CHECK_TYPE_extra782="EXTRA"
 CHECK_ALTERNATE_check782="extra782"
@@ -23,13 +23,13 @@ extra782(){
       for domain in $LIST_OF_DOMAINS;do
         CHECK_IF_NODETOENCR_ENABLED=$($AWSCLI es describe-elasticsearch-domain --domain-name $domain $PROFILE_OPT --region $regx --query 'DomainStatus.NodeToNodeEncryptionOptions.Enabled' --output text|grep -i true)
         if [[ $CHECK_IF_NODETOENCR_ENABLED ]];then
-          textPass "$regx: $domain has node-to-node encryption enabled" "$regx"
+          textPass "$regx: Amazon Elasticsearch Service (ES) $domain has node-to-node encryption enabled" "$regx"
         else 
-          textFail "$regx: $domain does not have node-to-node encryption enabled" "$regx"
+          textFail "$regx: Amazon Elasticsearch Service (ES) $domain does not have node-to-node encryption enabled" "$regx"
         fi
       done
     else
-      textInfo "$regx: No Elasticsearch Service domains found" "$regx"
+      textInfo "$regx: No Amazon Elasticsearch Service (ES) domains found" "$regx"
     fi
   done
 }

checks/check_extra783

@@ -11,7 +11,7 @@
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
 CHECK_ID_extra783="7.83"
-CHECK_TITLE_extra783="[extra783] Check if Elasticsearch Service domains has enforce HTTPS enabled (Not Scored) (Not part of CIS benchmark)"
+CHECK_TITLE_extra783="[extra783] Check if Amazon Elasticsearch Service (ES) domains has enforce HTTPS enabled"
 CHECK_SCORED_extra783="NOT_SCORED"
 CHECK_TYPE_extra783="EXTRA"
 CHECK_ALTERNATE_check783="extra783"
@@ -23,13 +23,13 @@ extra783(){
       for domain in $LIST_OF_DOMAINS;do
         CHECK_IF_ENFORCEHTTPS_ENABLED=$($AWSCLI es describe-elasticsearch-domain --domain-name $domain $PROFILE_OPT --region $regx --query 'DomainStatus.DomainEndpointOptions.EnforceHTTPS' --output text|grep -i true)
         if [[ $CHECK_IF_ENFORCEHTTPS_ENABLED ]];then
-          textPass "$regx: $domain has enforce HTTPS enabled" "$regx"
+          textPass "$regx: Amazon Elasticsearch Service (ES) $domain has enforce HTTPS enabled" "$regx"
         else 
-          textFail "$regx: $domain does not have enforce HTTPS enabled" "$regx"
+          textFail "$regx: Amazon Elasticsearch Service (ES) $domain does not have enforce HTTPS enabled" "$regx"
         fi
       done
     else
-      textInfo "$regx: No Elasticsearch Service domains found" "$regx"
+      textInfo "$regx: No Amazon Elasticsearch Service (ES) domains found" "$regx"
     fi
   done
 }

checks/check_extra784

@@ -11,7 +11,7 @@
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
 CHECK_ID_extra784="7.84"
-CHECK_TITLE_extra784="[extra784] Check if Elasticsearch Service domains internal user database enabled (Not Scored) (Not part of CIS benchmark)"
+CHECK_TITLE_extra784="[extra784] Check if Amazon Elasticsearch Service (ES) domains internal user database enabled"
 CHECK_SCORED_extra784="NOT_SCORED"
 CHECK_TYPE_extra784="EXTRA"
 CHECK_ALTERNATE_check784="extra784"
@@ -23,13 +23,13 @@ extra784(){
       for domain in $LIST_OF_DOMAINS;do
         CHECK_IF_INTERNALDB_ENABLED=$($AWSCLI es describe-elasticsearch-domain --domain-name $domain $PROFILE_OPT --region $regx --query 'DomainStatus.AdvancedSecurityOptions.InternalUserDatabaseEnabled' --output text|grep -i true)
         if [[ $CHECK_IF_INTERNALDB_ENABLED ]];then
-          textPass "$regx: $domain has internal user database enabled" "$regx"
+          textPass "$regx: Amazon Elasticsearch Service (ES) $domain has internal user database enabled" "$regx"
         else 
-          textFail "$regx: $domain does not have internal user database enabled" "$regx"
+          textFail "$regx: Amazon Elasticsearch Service (ES) $domain does not have internal user database enabled" "$regx"
         fi
       done
     else
-      textInfo "$regx: No Elasticsearch Service domains found" "$regx"
+      textInfo "$regx: No Amazon Elasticsearch Service (ES) domains found" "$regx"
     fi
   done
 }

checks/check_extra785

@@ -11,7 +11,7 @@
 # CONDITIONS OF ANY KIND, either express or implied. See the License for the
 # specific language governing permissions and limitations under the License.
 CHECK_ID_extra785="7.85"
-CHECK_TITLE_extra785="[extra785] Check if Elasticsearch Service domains have updates available (Not Scored) (Not part of CIS benchmark)"
+CHECK_TITLE_extra785="[extra785] Check if Amazon Elasticsearch Service (ES) domains have updates available"
 CHECK_SCORED_extra785="NOT_SCORED"
 CHECK_TYPE_extra785="EXTRA"
 CHECK_ALTERNATE_check785="extra785"
@@ -23,13 +23,13 @@ extra785(){
       for domain in $LIST_OF_DOMAINS;do
         CHECK_IF_UPDATE_AVAILABLE=$($AWSCLI es describe-elasticsearch-domain --domain-name $domain $PROFILE_OPT --region $regx --query 'DomainStatus.ServiceSoftwareOptions.UpdateAvailable' --output text|grep -i true)
         if [[ $CHECK_IF_UPDATE_AVAILABLE ]];then
-          textInfo "$regx: $domain has updates available" "$regx"
+          textInfo "$regx: Amazon Elasticsearch Service (ES) $domain has updates available" "$regx"
         else 
-          textPass "$regx: $domain does not have have updates available" "$regx"
+          textPass "$regx: Amazon Elasticsearch Service (ES) $domain does not have have updates available" "$regx"
         fi
       done
     else
-      textInfo "$regx: No Elasticsearch Service domains found" "$regx"
+      textInfo "$regx: No Amazon Elasticsearch Service (ES) domains found" "$regx"
     fi
   done
 }

groups/group14_elasticsearch

@@ -13,6 +13,6 @@
 
 GROUP_ID[14]='elasticsearch'
 GROUP_NUMBER[14]='14.0'
-GROUP_TITLE[14]='Elasticsearch security checks - [elasticsearch] ***************'
+GROUP_TITLE[14]='Elasticsearch related security checks - [elasticsearch] ***************'
 GROUP_RUN_BY_DEFAULT[14]='N' # run it when execute_all is called
 GROUP_CHECKS[14]='extra715,extra716,extra779,extra780,extra781,extra782,extra783,extra784,extra785'