Ensure Azure services are zone redundant for Azure Eventhub Namespace

MEDIUM

Description

Services that are not zone redundant in an Azure Eventhub Namespace tend to have a single point of failure.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to Event Hubs.
  2. Select the Event Hubs Namespace you wish to edit.
  3. Under Settings, choose Geo-Recovery.
  4. Select Initiate Pairing.
  5. If a second Event Hub Namespace hasn't already been created, you will have the option to do so here.
  6. Configure as needed.

In Terraform -

  1. In the azurerm_eventhub_namespace resource, set zone_redundant to true.
    Note: This will create a new resource. See the Terraform documentation for more information.

References:
https://learn.microsoft.com/en-us/azure/event-hubs/event-hubs-geo-dr?tabs=portal
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_namespace#zone_redundant

Policy Details

Rule Reference ID: AC_AZURE_0181
CSP: Azure
Remediation Available: Yes
Domain: Resilience
Resource Category: Messaging
Resource Type: Event Hub

Frameworks