Elasticsearch without at least three dedicated master nodes

Workload misconfigurations

Elasticsearch without at least three dedicated master nodes

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AWS Foundational Security Best Practices Controls
Brazilian General Data Protection (LGPD)
CCPA
CPRA
ISO/IEC 27001
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Amazon OpenSearch Service (Amazon Elasticsearch Service successor) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch clusters in AWS Cloud. It was found that the Elasticsearch domain {AwsElasticSearch} is configured with less than three master nodes or has 'DedicatedMasterEnabled' disabled. The master nodes are responsible for managing and orchestrating the cluster and its nodes. An Elasticsearch domain requires at least three master nodes for high availability and fault tolerance in case a node fails.

Recommended Mitigation

For high availability and fault-tolerance it is recommended to configure at least 3 master nodes at the Elasticsearch domain {AwsElasticSearch}.

Elasticsearch without at least three dedicated master nodes

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS