Ensure AWS MQBroker version is up to date
Error: AWS MQBroker version is not up to date
Bridgecrew Policy ID: BC_AWS_GENERAL_120
Checkov Check ID: CKV_AWS_208
Severity: LOW
AWS MQBroker version is not up to date
Description
This test examines the value of engine version for MQ, and flags if the version is less than the minimum required:
minimumActiveMQ = 5.16
minimumRabbitMQ = 3.8
Current versions supported can be found here:
https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/activemq-version-management.html
https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/rabbitmq-version-management.html
Fix - Runtime
Fix - Buildtime
Terraform
Modify the engine version in either aws_mq_configuration or aws_mq_broker, to be higher or equal to the minimums:
resource "aws_mq_configuration" "example" {
description = "Example Configuration"
name = "example"
engine_type = "ActiveMQ"
+ engine_version = "5.17.1"
data = <<DATA
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<broker xmlns="http://activemq.apache.org/schema/core">
<plugins>
<forcePersistencyModeBrokerPlugin persistenceFlag="true"/>
<statisticsBrokerPlugin/>
<timeStampingBrokerPlugin ttlCeiling="86400000" zeroExpirationOverride="86400000"/>
</plugins>
</broker>
DATA
}
Updated 3 months ago