Ensure that your Amazon Database Migration Service (DMS) replication instances use Multi-AZ deployment configurations. Multi-AZ provides High Availability (HA) through automatic failover to standby replicas in the event of a failure, such as an Availability Zone (AZ) outage, an internal hardware or network outage, or a software failure, or during a planned maintenance session.
This rule can help you with the following compliance standards:
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
With the Multi-AZ feature enabled, the AWS DMS service creates and maintains synchronous replicas across different Availability Zones to provide data redundancy, eliminate I/O freeze-ups and minimize latency spikes. Running a replication instance with Multi-AZ deployment enabled improves availability during system maintenance, helps protect the instance against failure and Availability Zone disruption, and provides a redundant replication stream during ongoing replications and long database migrations.
Audit
To determine if your Amazon DMS replication instances are using Multi-AZ configurations, perform the following actions:
Remediation / Resolution
To update your Amazon DMS replication instance configuration to enable Multi-AZ deployment, perform the following actions:
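The audit and remediation above can be scripted around the two AWS CLI commands listed in the references. The following is an added example, not part of the original page or of the Conformity tool: it parses the JSON printed by `aws dms describe-replication-instances`, flags instances that are not Multi-AZ, and builds the matching `modify-replication-instance` commands. The function names, the embedded sample, and the choice to skip instances that are not in the `available` state are assumptions of this example.

```python
import json
import shlex
import sys

# Constructed sample shaped like the output of
# `aws dms describe-replication-instances --output json` (all values made up).
SAMPLE = """
{"ReplicationInstances": [
  {"ReplicationInstanceIdentifier": "example-migration-a",
   "ReplicationInstanceArn": "arn:aws:dms:us-east-1:123456789012:rep:EXAMPLEAAAA",
   "ReplicationInstanceStatus": "available", "MultiAZ": false},
  {"ReplicationInstanceIdentifier": "example-migration-b",
   "ReplicationInstanceArn": "arn:aws:dms:us-east-1:123456789012:rep:EXAMPLEBBBB",
   "ReplicationInstanceStatus": "available", "MultiAZ": true},
  {"ReplicationInstanceIdentifier": "example-migration-c",
   "ReplicationInstanceArn": "arn:aws:dms:us-east-1:123456789012:rep:EXAMPLECCCC",
   "ReplicationInstanceStatus": "modifying"}
]}
"""

def audit_multi_az(describe_output):
    """Return the instances whose MultiAZ flag is absent or not true."""
    doc = json.loads(describe_output)
    # A missing MultiAZ key is reported as a finding rather than silently skipped.
    return [ri for ri in doc.get("ReplicationInstances", [])
            if ri.get("MultiAZ") is not True]

def remediation_commands(findings, apply_immediately=False):
    """Build one modify-replication-instance command per actionable finding."""
    timing = "--apply-immediately" if apply_immediately else "--no-apply-immediately"
    cmds = []
    for ri in findings:
        # Assumption of this example: leave instances that are mid-change
        # alone and pick them up on the next audit run.
        if ri.get("ReplicationInstanceStatus") != "available":
            continue
        arn = shlex.quote(ri["ReplicationInstanceArn"])
        cmds.append("aws dms modify-replication-instance "
                    f"--replication-instance-arn {arn} --multi-az {timing}")
    return cmds

if __name__ == "__main__":
    # Pipe real CLI output on stdin, or run with no input to use the sample.
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    findings = audit_multi_az(data)
    for ri in findings:
        print("NOT Multi-AZ:", ri["ReplicationInstanceIdentifier"])
    for cmd in remediation_commands(findings):
        print(cmd)
```

By default the generated commands use `--no-apply-immediately`, which defers the change to the instance's next maintenance window; pass `apply_immediately=True` to change that.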
References
- AWS Documentation
  - AWS Database Migration Service FAQs
  - How AWS Database Migration Service Works
  - Working with an AWS DMS Replication Instance
  - Best Practices for AWS Database Migration Service
- AWS Command Line Interface (CLI) Documentation
  - dms
  - describe-replication-instances
  - modify-replication-instance