AWS-ES-ElasticSearch-Upgrade-Available

Severity: Medium

Description: This Control ensures that Elasticsearch Service domains are using the latest version of the Elasticsearch engine. AWS Elasticsearch Service domain gives the flexibility to choose the Elasticsearch engine version at the time of creation and upgrade option after creation. Using the latest version for the Elasticsearch engine ensures regular security patches.

Remediation Steps:

Perform following to enable latest version updates for ES:

1. Login to the AWS Management Console at https://console.aws.amazon.com.

2. Navigate to ES console.

3. In the navigation pane, under My domains, choose the domain that you want to upgrade the engine version. 

4. In the Actions, dropdown chooses the Upgrade domain option.

5. In the Version to upgrade to field choose the latest version from the dropdown. 

6. Click Submit.

Important:

AWS Elasticsearch Service does not support in-place Elasticsearch upgrades For Elasticsearch engine versions 1.5 and 2.3. To upgrade these versions refer https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-version-migration.html .

Reference:

• https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-version-migration.htm