Ensure that all active Amazon Elasticsearch (ES) Reserved Instance purchases are reviewed every 7 days to make sure that no unwanted RI purchase has been placed recently.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
By verifying your Elasticsearch Reserved Instance purchases on a regular basis you can detect and cancel any unwanted purchases placed accidentally or intentionally within your AWS account in order to avoid unexpected charges on your AWS bill.
Note: You can change the default threshold value (i.e. 7 days) set for the review time frame within the conformity rule settings, on your Cloud Conformity account console.
To identify the active Elasticsearch Reserved Instance purchases placed recently within your AWS account for review purposes, perform the following:
Remediation / Resolution
Case A: Verify Amazon CloudTrail logs from the date when the Elasticsearch RI purchase request was placed to determine the request origin and context. To find and analyze the necessary API logging data, perform the following actions:
Case B: To mitigate unwanted AWS Elasticsearch Reserved Instance purchase requests you can contact Amazon Web Services and request the RI purchase cancellation. To create the necessary case using the AWS Support Center console, perform the following:Note: Requesting Amazon to cancel unwanted Elasticsearch Reserved Instance purchase requests using AWS Management Console or AWS API via Command Line Interface (CLI) is not currently supported.
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Elasticsearch Reserved Instance Recent Purchases
Risk level: Low