Ensure dedicated master nodes are enabled for AWS ElasticSearch Domains

MEDIUM

Description

AWS ElasticSearch domains that run without dedicated master nodes may be less stable in production environments.

Remediation

In AWS Console -

  1. Sign in to the AWS Console and open the OpenSearch Console.
  2. Under Managed clusters in the navigation bar, select Domains.
  3. Choose the domain to edit, and under the Actions drop-down, select Edit cluster configuration.
  4. Under Dedicated master nodes, check the box for Enable dedicated master nodes.
  5. Select the size and number of master nodes to configure.
  6. Select Save Changes.

In Terraform -

  1. In the aws_elasticsearch_domain resource, set the dedicated_master_enabled field to true.
  2. Set the dedicated_master_type field to the type of instance.
  3. Set the dedicated_master_count to the number of instances.
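
The Terraform steps above as a before/after pair; this is an added example, not code from the policy or from the Terraform provider documentation. In the aws_elasticsearch_domain resource these three fields sit inside the cluster_config block. Resource names, domain names, the version, instance types and sizes are illustrative assumptions.

```hcl
# Added example. All names, versions and sizes are assumed values.

# Non-compliant: dedicated master nodes are off, so the data nodes
# also carry the cluster-management role.
resource "aws_elasticsearch_domain" "without_dedicated_masters" {
  domain_name           = "example-logs-a" # assumed name
  elasticsearch_version = "7.10"           # assumed version

  cluster_config {
    instance_type            = "r5.large.elasticsearch"
    instance_count           = 3
    dedicated_master_enabled = false # the setting this rule flags
  }

  ebs_options {
    ebs_enabled = true
    volume_size = 20 # GiB per data node
  }
}

# Compliant: the three fields from the remediation steps are set.
resource "aws_elasticsearch_domain" "with_dedicated_masters" {
  domain_name           = "example-logs-b" # assumed name
  elasticsearch_version = "7.10"           # assumed version

  cluster_config {
    instance_type  = "r5.large.elasticsearch"
    instance_count = 3

    dedicated_master_enabled = true                     # step 1
    dedicated_master_type    = "m5.large.elasticsearch" # step 2: instance type
    dedicated_master_count   = 3                        # step 3: number of masters
  }

  ebs_options {
    ebs_enabled = true
    volume_size = 20 # GiB per data node
  }
}
```

Running terraform plan after the change should show the three dedicated_master_* attributes being added under cluster_config for the domain.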

References:
https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#dedicated_master_enabled

Policy Details

Rule Reference ID: AC_AWS_0107
CSP: AWS
Remediation Available: Yes
Resource Category: Analytics
Resource Type: ElasticSearch Service

Frameworks