Back to All Checks
Medium FSx Regional

FSx for Windows File Server file systems should be configured for Multi-AZ deployment

NIST 800-53

Description

This control checks whether an Amazon FSx for Windows File Server file system is configured to use the Multi-AZ (multiple Availability Zones) deployment type. The control fails if the file system is not configured for Multi-AZ deployment. Amazon FSx for Windows File Server supports two deployment types: Single-AZ composed of a single Windows file server instance and storage volumes within a single Availability Zone, and Multi-AZ composed of a high-availability cluster of Windows file servers spread across two Availability Zones. The Multi-AZ deployment type is recommended for most production workloads due to the high availability and durability model it provides.

Remediation

To configure your FSx Windows File Server file system for Multi-AZ deployment, you need to create a new file system with Multi-AZ deployment type.

Steps

  1. Navigate to the Amazon FSx console
  2. Choose 'Create file system'
  3. Select 'Windows File Server' as the file system type
  4. In the 'Deployment type' section, select 'Multi-AZ'
  5. Configure other settings as needed
  6. Create the file system with Multi-AZ deployment
  7. Migrate your data from the single-AZ file system to the new Multi-AZ file system
  8. Update your applications to use the new Multi-AZ file system
  9. Delete the old single-AZ file system once migration is complete

Compliance

NIST 800-53
Start Your Free Security Check