Workload misconfigurations

Elasticsearch domain has less than three data nodes

Risk Level

Informational (4)

Compliance Frameworks
  • AWS Foundational Security Best Practices Controls


Amazon OpenSearch Service (Amazon Elasticsearch Service successor) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch clusters in AWS Cloud. It was found that the Elasticsearch domain {AwsElasticSearch} is configured with less than three data nodes or has 'ZoneAwarenessEnabled' disabled. The data nodes store and perform operations related to the query requests. An Elasticsearch domain requires at least three data nodes for high availability and fault tolerance in case a node fails.
  • Recommend icon

    Recommended Mitigation

    For high availability and fault-tolerance it is recommended to configure at least 3 data nodes and enable ZoneAwarenessEnabled at the Elasticsearch domain {AwsElasticSearch}.