Workload misconfigurations

Elasticsearch domain has less than three data nodes

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Amazon OpenSearch Service (Amazon Elasticsearch Service successor) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch clusters in AWS Cloud. It was found that the Elasticsearch domain {AwsElasticSearch} is configured with less than three data nodes or has 'ZoneAwarenessEnabled' disabled. The data nodes store and perform operations related to the query requests. An Elasticsearch domain requires at least three data nodes for high availability and fault tolerance in case a node fails.

  • Recommended Mitigation

    For high availability and fault-tolerance it is recommended to configure at least 3 data nodes and enable ZoneAwarenessEnabled at the Elasticsearch domain {AwsElasticSearch}.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.