AWS Elasticsearch enable “HTTPS for all traffic” via CloudFormation

As feature was recently released, it is not yet available in CloudFormation or Terraform, but it could be done via CLI after Domain will be provisioned:

aws es update-elasticsearch-domain-config --domain-name <name> \
  --domain-endpoint-options EnforceHTTPS=true,TLSSecurityPolicy=Policy-Min-TLS-1-2-2019-07

This feature has been released to Cloudformation August 11th 2020 and is now available both in Cloudformation as well as Terraform:

Cloudformation: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-configuration-api.html#es-configuration-api-datatypes-domainendpointoptions

Terraform: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#enforce_https