Medium EventBridge Regional

EventBridge global endpoints should have event replication enabled

NIST 800-53

Description

This control checks whether event replication is enabled for an Amazon EventBridge global endpoint. The control fails if event replication isn't enabled for a global endpoint. Global endpoints improve an application's tolerance of Regional faults. They rely on Amazon Route 53 health checks: when failover is initiated, the health check reports an 'unhealthy' state, and custom events are routed to an event bus in the secondary Region within minutes. A global endpoint can have event replication enabled, which uses managed rules to send all custom events to the event buses in both the primary and secondary Regions. Enabling event replication during setup is recommended to ensure the endpoint is configured correctly. Event replication is also required for automatic recovery from a failover event.


Remediation

To enable event replication for your EventBridge global endpoint, you need to configure the replication settings.

Steps

  1. Navigate to the Amazon EventBridge console
  2. Go to 'Global endpoints' in the left navigation
  3. Select your global endpoint
  4. Choose 'Edit' to modify the endpoint
  5. In the 'Replication' section, enable 'Event replication'
  6. Configure the replication settings for the primary and secondary Regions
  7. Save the configuration to enable event replication
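
To find the endpoints that need the steps above, the check this control describes can be run over the output of the EventBridge `ListEndpoints` API. The following is an added example, not part of the original control text or AWS's own implementation: the function names, the PASSED/FAILED result shape, and the sample endpoints (names, account ID, ARNs) are constructed for illustration, and the live lookup assumes `boto3` is installed with credentials configured.

```python
# Constructed sample shaped like an EventBridge ListEndpoints response.
# Names, account ID and ARNs are made up for illustration.
SAMPLE_ENDPOINTS = [
    {"Name": "orders-endpoint",
     "Arn": "arn:aws:events:us-east-1:111122223333:endpoint/orders-endpoint",
     "ReplicationConfig": {"State": "ENABLED"}},
    {"Name": "billing-endpoint",
     "Arn": "arn:aws:events:us-east-1:111122223333:endpoint/billing-endpoint",
     "ReplicationConfig": {"State": "DISABLED"}},
    # An entry with no ReplicationConfig at all must not be read as a pass.
    {"Name": "legacy-endpoint",
     "Arn": "arn:aws:events:us-east-1:111122223333:endpoint/legacy-endpoint"},
]


def evaluate_endpoint(endpoint):
    """Return a PASSED/FAILED result for one global endpoint."""
    state = (endpoint.get("ReplicationConfig") or {}).get("State")
    passed = state == "ENABLED"
    return {
        "name": endpoint.get("Name"),
        "arn": endpoint.get("Arn"),
        "status": "PASSED" if passed else "FAILED",
        "replication_state": state or "MISSING",
    }


def evaluate_endpoints(endpoints):
    """Evaluate every endpoint; any state other than ENABLED fails."""
    return [evaluate_endpoint(e) for e in endpoints]


def list_endpoints_live(region):
    """Fetch all global endpoints in a Region (needs boto3 and credentials)."""
    import boto3  # imported lazily so the offline sample runs without it
    client = boto3.client("events", region_name=region)
    endpoints, token = [], None
    while True:
        page = client.list_endpoints(**({"NextToken": token} if token else {}))
        endpoints.extend(page.get("Endpoints", []))
        token = page.get("NextToken")
        if not token:
            return endpoints


if __name__ == "__main__":
    for result in evaluate_endpoints(SAMPLE_ENDPOINTS):
        print(f'{result["status"]:7} {result["name"]} '
              f'(replication: {result["replication_state"]})')
```

Pass the result of `list_endpoints_live("<primary-region>")` to `evaluate_endpoints` to run the same check against a real account.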

Compliance

NIST 800-53