More Info:

ElasticSearch domains should be configured to run the latest service software, which often contains security updates.

Risk Level

Low

Address

Security, Operational Maturity

Compliance Standards

AWSWAF, SOC2, NISTCSF

Remediation

How to ensure ElasticSearch domains use the latest service software

Using AWS Console

  1. Sign in to the AWS Management Console.
  2. Navigate to the Amazon Elasticsearch service. (In the Cloudanix Console, navigate to the “Misconfig” page and look for Affected Assets for the “ElasticSearch Domains Should Use The Latest Service Software” policy.)
  3. Select the Elasticsearch domain for which you want to ensure the latest service software.
  4. On the domain details page, click on the “Configure” button.
  5. Under the “Version” section, check the current version of the Elasticsearch service software.
  6. Compare the current version with the latest available version. You can refer to the AWS Elasticsearch release notes or the AWS Management Console for the latest version information.
  7. If the current version is not the latest, you can proceed with the update process.
  8. Click on the “Modify” button to update the domain configuration.
  9. In the “Version” section, select the latest version from the dropdown list.
  10. Review and adjust any other configuration settings if needed.
  11. Click on the “Next” button.
  12. Review the summary of the changes and click on the “Modify Elasticsearch Domain” button to start the update process.
  13. The update process may take some time to complete. You can monitor the progress on the domain details page.
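
The console check above can also be scripted across every domain in a region. The following is an added example, not part of the original page or of any Cloudanix or AWS code: it classifies domains using the `ServiceSoftwareOptions` block returned by the `DescribeElasticsearchDomains` API. The domain names, release strings and sample data are constructed, and the live lookup assumes boto3 and AWS credentials are available.

```python
# Added example: audit domains for pending service software updates.
# SAMPLE is constructed data shaped like the DomainStatusList returned by
# DescribeElasticsearchDomains; names and release strings are made up.
SAMPLE = [
    {"DomainName": "logs-prod", "ServiceSoftwareOptions": {
        "CurrentVersion": "R-OLD", "NewVersion": "R-NEW",
        "UpdateAvailable": True, "UpdateStatus": "ELIGIBLE"}},
    {"DomainName": "search-dev", "ServiceSoftwareOptions": {
        "CurrentVersion": "R-NEW", "NewVersion": "",
        "UpdateAvailable": False, "UpdateStatus": "COMPLETED"}},
    {"DomainName": "metrics", "ServiceSoftwareOptions": {
        "CurrentVersion": "R-OLD", "NewVersion": "R-NEW",
        "UpdateAvailable": False, "UpdateStatus": "IN_PROGRESS"}},
    {"DomainName": "legacy"},  # response without the options block
]

def classify(domain_status):
    """Map one DomainStatus entry to CURRENT, OUTDATED, UPDATING or UNKNOWN."""
    opts = domain_status.get("ServiceSoftwareOptions")
    if not opts:
        return "UNKNOWN"          # fail closed: cannot prove it is current
    if opts.get("UpdateStatus") in ("PENDING_UPDATE", "IN_PROGRESS"):
        return "UPDATING"         # update already scheduled or running
    return "OUTDATED" if opts.get("UpdateAvailable") else "CURRENT"

def audit(domain_status_list):
    """Return (domain, state, current, new) for every domain not CURRENT."""
    findings = []
    for d in domain_status_list:
        state = classify(d)
        if state != "CURRENT":
            opts = d.get("ServiceSoftwareOptions", {})
            findings.append((d["DomainName"], state,
                             opts.get("CurrentVersion"), opts.get("NewVersion")))
    return findings

def fetch_domain_statuses(region):
    """Live lookup; needs boto3 and AWS credentials (not used by the sample run)."""
    import boto3
    es = boto3.client("es", region_name=region)
    names = [n["DomainName"] for n in es.list_domain_names()["DomainNames"]]
    out = []
    for i in range(0, len(names), 5):  # the describe call takes up to 5 names
        out += es.describe_elasticsearch_domains(
            DomainNames=names[i:i + 5])["DomainStatusList"]
    return out

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row)
```

Domains reported as UNKNOWN are listed rather than skipped so that a missing options block is reviewed by hand. The API counterpart for applying an available update is `start_elasticsearch_service_software_update`.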

Additional Reading: