CloudWiki
Rules
Critical

Ensure OpenSearch clusters are using dedicated master nodes

Availability
No items found.
Description

To enhance a cluster's ability to handle various workloads and increase its resilience in a production environment, it is recommended to use OpenSearch dedicated master nodes to segregate management tasks from index and search requests. It is important to confirm that dedicated master nodes are being utilized in AWS OpenSearch clusters to promote environmental stability by eliminating management tasks from the cluster data nodes.

Remediation

To ensure that AWS OpenSearch clusters are using dedicated master nodes, you can take the following remediation steps:

  1. Verify that your OpenSearch cluster is running on a version that supports dedicated master nodes. You can check the list of supported versions in the AWS documentation.
  2. Create a dedicated master node instance group and configure it to run on separate instances from your data nodes.
  3. Ensure that the dedicated master nodes are in a separate subnet from the data nodes, with appropriate security group settings and access to necessary resources such as the OpenSearch API.
  4. Configure the cluster to use the dedicated master nodes by updating the cluster configuration settings. This can be done through the OpenSearch console or APIs.
  5. Monitor the performance and health of the dedicated master nodes to ensure they are functioning properly. You can use the OpenSearch console or APIs to view the logs and metrics.

By following these remediation steps, you can ensure that AWS OpenSearch clusters are using dedicated master nodes to improve their stability and resilience by separating management tasks from data nodes.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.