Ensure that your Amazon Elasticsearch (ES) clusters are using the latest version of Elasticsearch engine in order to adhere to AWS best practices and receive the newest Elasticsearch features, benefit from better performance and security and get the latest bug fixes. Elasticsearch is a full-text search engine based on Lucene. Amazon Elasticsearch (ES) is a managed service designed to help you deploy, operate, and scale Elasticsearch clusters within the AWS Cloud.
This rule can help you with the following compliance standards:
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
When running your AWS ES clusters with the latest version of Elasticsearch engine you will benefit from new features and enhancements, better performance, better memory management and resource utilization, bug fixes and security patches for the engine. For example, upgrading your AWS Elasticsearch clusters (domains) version to 6.x will get you all the improvements that come with Elasticsearch 6 (better indexing performance, new data structures, instant aggregations, automatic parallel tasking of reindex, etc) plus the new ones added by AWS such as: support for newer instance types, higher number of supported APIs that can give you finer control over your clusters, and an improved visualization engine (powered by Kibana 5).
To determine the current version of your Elasticsearch (ES) domains, perform the following:
Remediation / Resolution
To upgrade the Elasticsearch engine version for your AWS ES domain, you must unload the existing data from the cluster to Amazon S3 then upload this data in a new AWS ES cluster, created using the latest version of the Elasticsearch engine. To launch and configure a new Amazon Elasticsearch cluster (domain) with the latest search engine version, perform the following:
- AWS Documentation
- What Is Amazon Elasticsearch Service?
- Supported Elasticsearch Operations
- Creating and Configuring Amazon Elasticsearch Service Domains
- Step 4: Uploading Data to an Amazon ES Domain for Indexing
- AWS Command Line Interface (CLI) Documentation
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
Get started for FREE
You are auditing:
Risk level: Medium