Workload misconfigurations

Elasticsearch domain has less than three data nodes

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Amazon OpenSearch Service (Amazon Elasticsearch Service successor) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch clusters in AWS Cloud. It was found that the Elasticsearch domain {AwsElasticSearch} is configured with less than three data nodes or has 'ZoneAwarenessEnabled' disabled. The data nodes store and perform operations related to the query requests. An Elasticsearch domain requires at least three data nodes for high availability and fault tolerance in case a node fails.

  • Recommended Mitigation

    For high availability and fault-tolerance it is recommended to configure at least 3 data nodes and enable ZoneAwarenessEnabled at the Elasticsearch domain {AwsElasticSearch}.

Need help?

Get a free Security Risk Assessment. Start today

Orca Security Demo Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.