Ensure that your AWS Elasticsearch Service (ES) clusters are using dedicated master nodes to improve their environmental stability by offloading all the management tasks from the cluster data nodes.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Using Elasticsearch dedicated master nodes to separate management tasks from index and search requests will improve the clusters ability to manage easily different types of workload and make them more resilient in production.
Note 1: Because ES dedicated master nodes do not process search and query requests nor hold any data, the node type chosen for this role typically does not require a large amount of CPU or RAM memory. Cloud Conformity recommends starting with the m3.medium.elasticsearch node type then adjust as necessary.
Note 2: Ensure you allocate at least 3 dedicated master nodes for each Elasticsearch domain (cluster) running in production. The default value for the number of master nodes is set to 3 but this value can be adjusted in the rule settings on the Cloud Conformity console.
Audit
To determine if your Elasticsearch clusters are using dedicated master nodes, perform the following:
Remediation / Resolution
To enable dedicated master nodes for your Amazon Elasticsearch clusters, perform the following:
References
- AWS Documentation
- Amazon Elasticsearch Service FAQs
- Managing Amazon Elasticsearch Service Domains
- Creating and Configuring Amazon Elasticsearch Service Domains
- AWS Command Line Interface (CLI) Documentation
- es
- list-domain-names
- describe-elasticsearch-domain
- update-elasticsearch-domain-config
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
Elasticsearch Dedicated Master Enabled
Risk level: Medium