Configure At Least Three Dedicated Master Nodes for Elasticsearch Domains

Ensures that Elasticsearch domains have a minimum of three dedicated master nodes to manage cluster operations efficiently and handle node failures.

Rule	Elasticsearch domains should be configured with at least three dedicated master nodes
Framework	AWS Foundational Security Best Practices
Severity	✔ Medium

Rule Description:

Elasticsearch domains should be configured with a minimum of three dedicated master nodes for AWS Foundational Security Best Practices. Having three dedicated master nodes improves fault tolerance and availability by ensuring that a majority of nodes are available to perform cluster coordination and election of a new master node in case of node failures.

Troubleshooting Steps:

If the Elasticsearch domain is not configured with at least three dedicated master nodes, follow these troubleshooting steps:

1.
Check the current configuration of the Elasticsearch domain to determine the number of master-eligible nodes.

2.
Update the configuration to add additional dedicated master nodes if needed.

Necessary Codes:

To configure dedicated master nodes in an Elasticsearch domain, you can use the AWS CLI or the AWS Management Console.

Step-by-Step Guide for Remediation:

1.
Open the AWS Management Console and navigate to the Amazon Elasticsearch Service (ES) dashboard.

2.
Select the Elasticsearch domain that needs to be updated with dedicated master nodes.

3.
In the domain configuration, locate the "Instance settings" or "Master settings" section.

4.
Update the "Dedicated master nodes" setting to specify at least three instance types that will serve as dedicated master nodes.

5.
Save the configuration changes and wait for the Elasticsearch domain to apply the new settings.

6.
Verify that the Elasticsearch domain now has three dedicated master nodes for improved fault tolerance and availability.

By following these steps, you can ensure that your Elasticsearch domain meets the AWS Foundational Security Best Practice of configuring at least three dedicated master nodes.

Configure At Least Three Dedicated Master Nodes for Elasticsearch Domains

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Troubleshooting Steps:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Necessary Codes:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step-by-Step Guide for Remediation:

Is your System Free of Underlying Vulnerabilities? Find Out Now

Troubleshooting Steps:

Necessary Codes:

Step-by-Step Guide for Remediation:

Is your System Free of Underlying Vulnerabilities?
Find Out Now