Best practice rules for Amazon MQ
Trend Micro Cloud One™ – Conformity monitors Amazon MQ with the following rules:
- MQ Auto Minor Version Upgrade
Ensure AWS MQ brokers have the Auto Minor Version Upgrade feature enabled.
- MQ Deployment Mode
Ensure that your Amazon MQ brokers are using the active/standby deployment mode.
- MQ Desired Broker Instance Type
Ensure that all your Amazon MQ broker instances are of a given type.
- MQ Engine Version
Ensure that the latest version of the Apache ActiveMQ engine is used for your AWS MQ brokers.
- MQ Log Exports
Ensure the Log Exports feature is enabled for your Amazon MQ brokers.
- MQ Network of Brokers
Ensure that Amazon MQ brokers are using the network of brokers configuration.
- Publicly Accessible MQ Brokers
Ensure Amazon MQ brokers are not publicly accessible, which would leave them prone to security risks.