Skip to main content
All CollectionsControl Tests
Test: Availability Zones Used
Test: Availability Zones Used

Drata inspects your company infrastructure configurations to determine if multiple availability zones (AZs) are utilized.

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

ASSOCIATED DRATA CONTROL

This test is part of the Multiple Availability Zones control that ensures your company utilizes multiple availability zones (AZs) to replicate production data across different zones.

WHAT TO DO IF A TEST FAILS

If Drata finds database systems that are not configured to utilize multiple AZs the test will fail. With a failed test you will receive a list of database systems lacking AZ configuration.

To remediate a failed test, you will need to ensure that all production databases have multiple AZ replication enabled.

STEPS FOR PASSING

To ensure a validated state when testing for Availability Zones, please follow the steps listed in the table below. Once the provider steps have been completed, navigate back to Drata and execute the test.

Provider / Technology

Provider Steps

Atlas

  1. Create an organization project, if none currently exist

  2. Click New Project and make sure to give it a unique name

  3. On a project, click Create a New Cluster

    1. Any pricing tier / configuration will pass this test

  4. Click Create

AWS - DocDB

  1. Go to DocDB service

  2. Create a DocDB cluster

AWS - DynamoDB

By default, DynamoDB is replicated. There should be no additional configuration needed.

AWS - Elasticache

  1. Navigate to the ElastiCache service

  2. Click on Redis

  3. Click on the Create button

    1. Cluster Engine - Redis

    2. Location - Amazon Cloud

    3. Enter a name

    4. Set a Node type

    5. Click on Multi-AZ

  4. Click on Create button

AWS - Elasticsearch

  1. Choose deployment type

    1. Go to Elasticsearch service

    2. Click on 'Create a new domain'

    3. Choose deployment type

      1. (Development and Testing) [One availability zone ]

    4. Choose latest Version under 'Elasticsearch Version'

    5. Choose a name for 'Elasticsearch domain name'

    6. Custom endpoint - leave blank

  2. Configure domain

    1. Set Data Nodes

    2. Set Number of Nodes: 2

    3. Data nodes storage: leave everything as is

    4. Dedicated master nodes: leave everything as is

  3. Configure access and security

    1. Select VPC Access:

    2. Uncheck Enable fine-grained access control

    3. Access Policy: Domain access policy - Allow open access to the domain

  4. Click submit

AWS - RDS

  1. Go to RDS service

  2. Click on Create database button

  3. Click on Standard create

    1. Engine options - any

    2. Templates - Dev/test

    3. DB instance identifier - enter a name

    4. Credentials Settings - click on "Auto generate a password"

    5. DB instance size - smallest one

    6. Availability & durability - Multi-AZ deployment - Create a standby instance (recommended for production usage)

  4. Click on Create database button

AWS - S3

We do not check - S3 since AWS does not replicate to different AZ,

GCP - Memcache

  1. GCP Menu -> Databases -> Memorystore -> Memcached

  2. Create Instance

    1. Set Instance ID

    2. Set Region

    3. Set Zone

    4. Set Nodes: 1

    5. Set Memory per node

    6. Set Cores per Node

GCP - Redis

  1. GCP Menu -> Databases -> Memorystore -> Redis

  2. Create Instance

    1. Set Instance ID

    2. Set Tier

    3. Set Location

    4. Set Capacity

  3. Click Save

GCP - MySQL

  1. GCP Menu -> Databases -> SQL

  2. Create Instance

  3. Select MySQL

    1. Set Instance ID

    2. Set Region

    3. Set Zone

    4. Set Database Version

  4. Open 'Show Configuration Options'

  5. Open 'Backups, recovery, and high availability'

    1. Under Availability: Select 'High Availability (regional)'

HELPFUL RESOURCES

Did this answer your question?