Medium

Ensure OpenSearch has at least 3 dedicated master nodes

Availability
Description

Amazon OpenSearch Service is a fully managed search and analytics service that enables you to search, analyze, and visualize your data. Master nodes in OpenSearch perform cluster-wide management and state changes, such as creating or deleting indices, tracking node availability, and monitoring health.Ensuring that OpenSearch has at least three dedicated master nodes will provide the ability to have a highly available and reliable cluster. This ensures that if one master node fails, the other two can continue to perform cluster-wide management functions and state changes.Note: Amazon Elasticsearch Service (Amazon ES) has been renamed to Amazon OpenSearch Service.‍

Remediation

To ensure OpenSearch has at least 3 dedicated master nodes, you can follow these remediation steps:

  1. Navigate to the Amazon OpenSearch service console.
  2. Select the domain for which you want to configure dedicated master nodes.
  3. In the navigation pane, choose "Configure cluster."
  4. In the "Master nodes" section, select the "Dedicated master nodes" radio button.
  5. Enter "3" for the number of dedicated master nodes.
  6. Click "Save changes" to apply the changes to the OpenSearch cluster.

Note: Adding dedicated master nodes to an existing OpenSearch cluster may cause a brief period of cluster unavailability. It is recommended to schedule this change during off-peak hours.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.