Low

Ensure Amazon MQ brokers are using the active/standby deployment mode

Availability
Description

To achieve high availability for your Amazon MQ brokers, configure them to use the active/standby deployment mode. In this mode, two broker instances are set up as a redundant pair, with one instance acting as the active broker and the other as the standby broker. Amazon MQ deploys one broker instance in one Availability Zone (AZ) and the standby broker instance in a different AZ. Both instances communicate with your web application, with each other, and with a shared AWS storage location. Because the service fails over automatically between the two instances, active/standby provides high availability, in contrast to the default single-broker mode, which provides no failover capability. Enable the active/standby deployment mode on your Amazon MQ brokers to maximize their availability and reliability.

Remediation

To ensure that your Amazon MQ brokers are using the active/standby deployment mode for high availability, you can follow these steps:

  1. Sign in to your AWS Management Console and navigate to the Amazon MQ service.
  2. Select the Amazon MQ broker for which you want to enable the active/standby deployment mode.
  3. Under the "Configuration" section, click on the "Edit" button.
  4. In the "Broker" tab, locate the "Deployment mode" field and select "Active/standby" from the dropdown menu.
  5. In the "Redundancy" tab, configure the "Replication" settings to determine how the active and standby brokers replicate data.
  6. Click on the "Save changes" button to apply the changes.
  7. Verify that the active/standby deployment mode is enabled by checking the "Deployment mode" field in the Amazon MQ broker details page.

By following these steps, you can ensure that your Amazon MQ brokers are using the active/standby deployment mode for high availability. This will provide automatic failover capabilities and increase the reliability of your Amazon MQ brokers.
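The verification in step 7 can be run across every broker at once by evaluating the `DeploymentMode` field that the Amazon MQ `ListBrokers` API returns. The following is an added example, not part of the original page or of Lightlytics' tooling. The function names and sample brokers are constructed for illustration, and accepting `CLUSTER_MULTI_AZ` (the RabbitMQ multi-AZ mode) as compliant is an assumption that goes beyond the rule's active/standby wording.

```python
"""Flag Amazon MQ brokers that do not run in a multi-AZ deployment mode."""

# DeploymentMode values defined by the Amazon MQ API. Treating CLUSTER_MULTI_AZ
# (the RabbitMQ multi-AZ mode) as compliant is an assumption of this example.
DEFAULT_COMPLIANT = frozenset({"ACTIVE_STANDBY_MULTI_AZ", "CLUSTER_MULTI_AZ"})


def find_noncompliant(summaries, compliant=DEFAULT_COMPLIANT):
    """Return one finding per broker whose DeploymentMode is not compliant."""
    findings = []
    for broker in summaries:
        # A missing field is reported as UNKNOWN rather than silently passed.
        mode = broker.get("DeploymentMode", "UNKNOWN")
        if mode not in compliant:
            findings.append({
                "BrokerId": broker.get("BrokerId"),
                "BrokerName": broker.get("BrokerName"),
                "EngineType": broker.get("EngineType"),
                "DeploymentMode": mode,
            })
    return findings


def list_broker_summaries(region):
    """Collect every BrokerSummaries entry in a region, following NextToken."""
    import boto3  # imported lazily so the offline sample run needs no SDK

    client = boto3.client("mq", region_name=region)
    summaries, token = [], None
    while True:
        page = client.list_brokers(**({"NextToken": token} if token else {}))
        summaries.extend(page.get("BrokerSummaries", []))
        token = page.get("NextToken")
        if not token:
            return summaries


# Constructed sample shaped like ListBrokers output; IDs and names are made up.
SAMPLE = [
    {"BrokerId": "b-constructed-0001", "BrokerName": "orders-constructed",
     "EngineType": "ACTIVEMQ", "DeploymentMode": "SINGLE_INSTANCE"},
    {"BrokerId": "b-constructed-0002", "BrokerName": "billing-constructed",
     "EngineType": "ACTIVEMQ", "DeploymentMode": "ACTIVE_STANDBY_MULTI_AZ"},
    {"BrokerId": "b-constructed-0003", "BrokerName": "events-constructed",
     "EngineType": "RABBITMQ", "DeploymentMode": "CLUSTER_MULTI_AZ"},
]

if __name__ == "__main__":
    for f in find_noncompliant(SAMPLE):
        print(f"{f['BrokerName']} ({f['BrokerId']}): {f['DeploymentMode']}")
```

Against a live account, pass `list_broker_summaries("<region>")` to `find_noncompliant` in place of `SAMPLE`; this requires boto3 and credentials allowed to call `mq:ListBrokers`.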

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.