Ensure ElasticSearch Zone Awareness is enabled

MEDIUM

Description

Disabling the Zone Awareness feature may lead to less resilient ElasticSearch clusters.

Remediation

Zone awareness applies only to Multi-AZ configurations.

In AWS Console -

  1. Sign in to AWS Console and go to the Elasticsearch (ES) dashboard.
  2. Click on the ES domain.
  3. Open the cluster configuration page.
  4. In the Node configuration section, verify that zone awareness is enabled.

In Terraform -

  1. In the aws_elasticsearch_domain resource, set the cluster_config.zone_awareness_enabled field to true.
  2. Configure a zone_awareness_config block with the availability_zone_count field set to the value representing the number of zones.
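
The two Terraform steps above, shown as a non-compliant domain beside a corrected one. This is an added example, not taken from the original policy page; the resource labels, domain names, variable names, instance type, version and sizes are assumptions chosen for illustration.

```hcl
# Non-compliant: zone awareness is off, so AC_AWS_0110 flags this domain.
resource "aws_elasticsearch_domain" "single_az" {
  domain_name           = "example-single-az" # constructed name
  elasticsearch_version = "7.10"

  cluster_config {
    instance_type          = "r5.large.elasticsearch"
    instance_count         = 3
    zone_awareness_enabled = false
  }

  ebs_options {
    ebs_enabled = true
    volume_size = 20
  }
}

# Assumed input: one subnet ID per Availability Zone, each in a different AZ.
variable "private_subnet_ids" {
  type = list(string)
}

# Compliant: zone awareness is on and the zone count is set explicitly.
resource "aws_elasticsearch_domain" "multi_az" {
  domain_name           = "example-multi-az" # constructed name
  elasticsearch_version = "7.10"

  cluster_config {
    instance_type          = "r5.large.elasticsearch"
    instance_count         = 6 # a multiple of availability_zone_count
    zone_awareness_enabled = true

    zone_awareness_config {
      availability_zone_count = 3 # valid values are 2 and 3
    }
  }

  # For a VPC domain, supply as many subnets as zones, each in its own AZ.
  vpc_options {
    subnet_ids = var.private_subnet_ids
  }

  ebs_options {
    ebs_enabled = true
    volume_size = 20
  }
}
```

Keeping instance_count a multiple of availability_zone_count lets the service spread data nodes evenly across the zones.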

References:
https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticsearch_domain#zone_awareness_enabled

Policy Details

Rule Reference ID: AC_AWS_0110
CSP: AWS
Remediation Available: Yes
Domain: Resilience
Resource Category: Analytics
Resource Type: ElasticSearch Service

Frameworks