Back to All Checks
Low Recover Regional

ActiveMQ brokers should use active/standby deployment mode

NIST 800-53

Description

This control checks whether the deployment mode for an Amazon MQ ActiveMQ broker is set to active/standby. The control fails if a single-instance broker (which is enabled by default) is set as the deployment mode. Active/standby deployment provides high availability for Amazon MQ ActiveMQ brokers in an AWS Region. This deployment mode includes two broker instances in two different Availability Zones, configured as a redundant pair. These brokers communicate synchronously with your application, which helps reduce downtime and loss of data in the event of a failure.

Remediation

To remediate ActiveMQ brokers not using active/standby deployment mode, you need to modify the broker to use active/standby deployment mode.

Steps

  1. Navigate to the Amazon MQ console
  2. Select the ActiveMQ broker that needs remediation
  3. Click on 'Edit' or 'Modify' broker
  4. Go to 'Configuration' settings
  5. Change 'Deployment mode' to 'Active/Standby'
  6. Select two different Availability Zones
  7. Configure the standby broker settings
  8. Review the high availability configuration
  9. Apply the changes to the broker
  10. Verify active/standby mode is working

Compliance

NIST 800-53
Start Your Free Security Check