Ensure that your AWS MQ brokers are using the active/standby deployment mode for high availability. The MQ active/standby deployment mode includes two broker instances configured in a redundant pair. To implement this model, AWS MQ service creates a single broker instance in one Availability Zone (AZ) and another standby broker instance in a different AZ. The broker instances communicate with your web application, with each other, and with a shared AWS storage location.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
With the active/standby deployment mode enabled, as opposed to the single-broker mode (enabled by default), you can achieve high availability for your Amazon MQ brokers as the service provides automatic failover capability.
To determine the deployment mode for your AWS MQ brokers, perform the following:
Remediation / Resolution
To enable active/standby deployment mode for your existing Amazon MQ brokers, you must re-create them with the necessary high availability configuration. To relaunch the required MQ brokers, perform the following:
- AWS Documentation
- Amazon MQ
- Amazon MQ Basic Elements
- Getting Started with Amazon MQ
- Amazon MQ Broker Architecture
- Tutorial: Creating and Configuring an Amazon MQ Broker
- Tutorial: Deleting an Amazon MQ Broker
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
MQ Deployment Mode
Risk level: Low