From my previous experience with using database encryption, this really affects the speed of receiving data (as we can only say if the record meets the condition after reading and decrypting).
This will be the case if each value of each record was encrypted before being inserted into the database. This is not how RDS encryption works. RDS encryption works by enabling encryption of EBS volumes (s) that are stored in the database. For the RDS database engine, data is not displayed in encrypted form. This is the same as enabling encryption on the EBS volume that is connected to your EC2 server.
In terms of performance, I did not notice a decrease in performance when encryption was enabled in RDS and EBS. In the AWS documentation here :
you can expect the same level of IOPS performance on encrypted volumes as you would with unencrypted volumes with minimal effect on latency.
Please note that this is “encryption at rest”. If you also need data that will be “encrypted in transit,” you will need to study the use of SSL connections for all database connections and possibly enable the setting in your database to force SSL connections.
As for your second question, AWS does not seem to support resting encryption for ElasticSearch. For encryption in transit, you can use HTTPS connections in accordance with AWS Support's answer to this question :
You can use https for encrypted communication with your domain.
Communication between nodes is not encrypted. The nodes themselves are located in our VPC, and all communications between the nodes remain inside it.