Low

Ensure Auto-Tune feature is enabled in OpenSearch clusters

Other
No items found.
Description

AWS OpenSearch Auto-Tune feature helps optimize the performance of your OpenSearch cluster by automatically adjusting its configuration settings based on the usage patterns and workload characteristics of your data. This means that your OpenSearch cluster can be more efficiently configured to meet the specific needs of your application without requiring manual configuration changes.Auto-Tune can help minimize the risk of performance bottlenecks, reduce costs by optimizing resource usage, and improve the overall efficiency of your OpenSearch deployment.

Remediation

To ensure that AWS OpenSearch Auto-Tune feature is enabled, you can take the following remediation steps:

  1. Verify that your OpenSearch cluster is running on a supported version that includes Auto-Tune. You can check the list of supported versions in the AWS documentation.
  2. Verify that your OpenSearch cluster is running in a dedicated VPC with the correct security group settings. The VPC should have an internet gateway and a route table that allows outbound traffic to the internet.
  3. Make sure that the IAM roles and policies associated with your OpenSearch cluster have the necessary permissions to use Auto-Tune. The required permissions are listed in the AWS documentation.
  4. Verify that your OpenSearch cluster has the required level of data ingestion and search traffic to trigger Auto-Tune. You can monitor this using the OpenSearch console or APIs.
  5. Enable Auto-Tune in your OpenSearch cluster settings. You can do this through the OpenSearch console or APIs.
  6. Monitor the performance of your OpenSearch cluster to ensure that Auto-Tune is working as expected. You can use the OpenSearch console or APIs to view the Auto-Tune logs and metrics.

By following these remediation steps, you can ensure that AWS OpenSearch Auto-Tune feature is enabled and working properly to optimize the performance of your OpenSearch cluster.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.