[Contribution] 2018 Duo Security - ElasticSearch index name disclosure

[ramimac]

Summary (give a brief description of the issue)

These issues include fixing the information disclosure of the index names for private AWS-managed ElasticSearch clusters, enforcing host header authentication to make the public clusters more difficult to access, and AWS has taken steps to reach out to customers with public ElasticSearch clusters.

References (provide links to blogposts, etc.)

https://duo.com/blog/beyond-s3-exposed-resources-on-aws