Workload misconfigurations

Elasticsearch domain has less than three data nodes

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls

Description

Amazon OpenSearch Service (Amazon Elasticsearch Service successor) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch clusters in AWS Cloud. It was found that the Elasticsearch domain {AwsElasticSearch} is configured with less than three data nodes or has 'ZoneAwarenessEnabled' disabled. The data nodes store and perform operations related to the query requests. An Elasticsearch domain requires at least three data nodes for high availability and fault tolerance in case a node fails.
  • Recommend icon

    Recommended Mitigation

    For high availability and fault-tolerance it is recommended to configure at least 3 data nodes and enable ZoneAwarenessEnabled at the Elasticsearch domain {AwsElasticSearch}.

Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo