Medium

Ensure Database Migration Service (DMS) replication instances are using Multi-AZ deployment configurations

Availability
Description

To ensure High Availability (HA) and minimize downtime due to failures, it is essential to enable Multi-AZ deployment configurations for your Amazon Database Migration Service (DMS) replication instances. This feature provides automatic failover to standby replicas in case of failures such as an Availability Zone (AZ) outage, internal hardware or network issues, or software failure, as well as during planned maintenance sessions. Enabling the Multi-AZ feature in AWS DMS creates and maintains synchronous replicas across different Availability Zones, providing data redundancy, eliminating I/O freeze-ups, and reducing latency spikes. Using Multi-AZ deployment improves availability during system maintenance, protects the instance against failures and disruptions in an Availability Zone, and provides a redundant replication stream during ongoing replications and long database migrations.

Remediation

To ensure that your Amazon Database Migration Service (DMS) replication instances are using Multi-AZ deployment configurations, you can follow these remediation steps:

  1. Launch Replication Instance with Multi-AZ Enabled: When creating or modifying your DMS replication instance, ensure that the "Multi-AZ" option is enabled. This will create and maintain synchronous replicas across different Availability Zones, providing data redundancy and improving availability during system maintenance.
  2. Configure Security Groups: Ensure that the security group associated with your DMS replication instance allows traffic to and from the replication instance and its replicas across different Availability Zones.
  3. Monitor Replication Status: Monitor the replication status of your DMS replication instance to ensure that the replicas are up to date and in sync. You can use AWS CloudWatch to monitor replication status and set up alarms for events that require attention.
  4. Test Failover: Test the failover process to ensure that it works correctly. You can do this by intentionally causing a failure on the primary instance and verifying that the replica instance takes over and becomes the new primary instance.

By implementing these remediation steps, you can ensure that your DMS replication instances are using Multi-AZ deployment configurations to provide High Availability (HA) and minimize downtime due to failures. This will help to protect your data from loss and ensure that your replication instances are always available and operational.
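One way to check for and remediate step 1 across an account, as an added example that is not part of the original rule page or Lightlytics' own tooling. It assumes boto3 and AWS credentials for the live path; the sample records, the skip list and the function names are constructed for illustration.

```python
# Constructed sample shaped like a DescribeReplicationInstances response.
# Identifiers, account id and ARNs are placeholders, not real resources.
SAMPLE_INSTANCES = [
    {"ReplicationInstanceIdentifier": "orders-migration",
     "ReplicationInstanceArn": "arn:aws:dms:us-east-1:111122223333:rep:EXAMPLE1",
     "ReplicationInstanceStatus": "available", "MultiAZ": False},
    {"ReplicationInstanceIdentifier": "billing-cdc",
     "ReplicationInstanceArn": "arn:aws:dms:us-east-1:111122223333:rep:EXAMPLE2",
     "ReplicationInstanceStatus": "available", "MultiAZ": True},
    {"ReplicationInstanceIdentifier": "old-poc",
     "ReplicationInstanceArn": "arn:aws:dms:us-east-1:111122223333:rep:EXAMPLE3",
     "ReplicationInstanceStatus": "deleting", "MultiAZ": False},
]

# Assumption: instances already being torn down are not worth reporting.
SKIP_STATUSES = {"deleting", "deleted"}


def find_single_az(instances):
    """Return the in-service replication instances that are not Multi-AZ."""
    findings = []
    for inst in instances:
        if inst.get("ReplicationInstanceStatus") in SKIP_STATUSES:
            continue
        # A missing MultiAZ key is treated as single-AZ (fail closed).
        if not inst.get("MultiAZ", False):
            findings.append(inst)
    return findings


def remediation_params(inst, apply_immediately=False):
    """Arguments for modify_replication_instance that turn Multi-AZ on.
    With ApplyImmediately=False the change waits for the maintenance window."""
    return {"ReplicationInstanceArn": inst["ReplicationInstanceArn"],
            "MultiAZ": True, "ApplyImmediately": apply_immediately}


def audit_account(region, fix=False):
    """Live check against one region; returns identifiers of single-AZ instances."""
    import boto3  # imported here so the offline functions work without it
    dms = boto3.client("dms", region_name=region)
    instances = []
    for page in dms.get_paginator("describe_replication_instances").paginate():
        instances.extend(page["ReplicationInstances"])
    findings = find_single_az(instances)
    if fix:
        for inst in findings:
            dms.modify_replication_instance(**remediation_params(inst))
    return [inst["ReplicationInstanceIdentifier"] for inst in findings]
```

Run `audit_account` with `fix=False` first and review the returned identifiers before enabling the modify call.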

Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.