Back to All Checks
Medium FSx Regional

FSx for OpenZFS file systems should be configured for Multi-AZ deployment

NIST 800-53

Description

This control checks whether an Amazon FSx for OpenZFS file system is configured to use the multiple Availability Zones (Multi-AZ) deployment type. The control fails if the OpenZFS file system isn't configured for Multi-AZ deployment. Amazon FSx for OpenZFS offers several deployment types: Multi-AZ (HA) provides high availability by using a pair of file servers spread across two Availability Zones, Single-AZ (HA) is a single Availability Zone deployment with high availability, and Single-AZ (non-HA) is a single Availability Zone deployment without high availability. The Multi-AZ (HA) deployment type is recommended for most production workloads due to its superior availability and durability model.

Remediation

To configure your FSx OpenZFS file system for Multi-AZ deployment, you need to create a new file system with Multi-AZ deployment type.

Steps

  1. Navigate to the Amazon FSx console
  2. Choose 'Create file system'
  3. Select 'OpenZFS' as the file system type
  4. In the 'Deployment type' section, select 'Multi-AZ (HA)'
  5. Configure other settings as needed
  6. Create the file system with Multi-AZ deployment
  7. Migrate your data from the single-AZ file system to the new Multi-AZ file system
  8. Update your applications to use the new Multi-AZ file system
  9. Delete the old single-AZ file system once migration is complete

Compliance

NIST 800-53
Start Your Free Security Check