Ensure AWS MQBroker version is up to date
Error: AWS MQBroker version is not up to date
Bridgecrew Policy ID: BC_AWS_GENERAL_120
Checkov Check ID: CKV_AWS_208
Severity: LOW
AWS MQBroker version is not up to date
Description
This check examines the engine version configured for Amazon MQ and flags the resource if the version is lower than the required minimum:
minimumActiveMQ = 5.16
minimumRabbitMQ = 3.8
Currently supported versions are listed here:
https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/activemq-version-management.html
https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/rabbitmq-version-management.html
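The comparison described above is easy to get wrong if versions are compared as strings or floats, so here is an added example (not Checkov's own implementation of CKV_AWS_208) that compares the dotted components numerically against the minimums stated on this page. The function names, the fail-closed handling of missing or unparseable versions, and the sample values are assumptions made for illustration.

```python
# Added example: not Checkov's implementation of CKV_AWS_208.
# Minimums are the ones stated on this page.
MINIMUMS = {"activemq": (5, 16), "rabbitmq": (3, 8)}


def parse_version(text):
    """Turn '5.17.1' into (5, 17, 1); raise ValueError on non-numeric parts."""
    parts = text.strip().split(".")
    if any(not p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def _pad(version, width):
    """Right-pad with zeros so (5, 16) and (5, 16, 0) compare equal."""
    return version + (0,) * (width - len(version))


def engine_version_ok(engine_type, engine_version):
    """Return True when engine_version meets the minimum for engine_type.

    Assumption: unknown engine types and missing or unparseable versions
    fail closed (return False) so they are flagged for review.
    """
    minimum = MINIMUMS.get((engine_type or "").lower())
    if minimum is None or not engine_version:
        return False
    try:
        found = parse_version(engine_version)
    except ValueError:
        return False
    width = max(len(found), len(minimum))
    return _pad(found, width) >= _pad(minimum, width)


# Constructed sample inputs (hypothetical engine_type / engine_version pairs).
SAMPLES = [
    ("ActiveMQ", "5.17.1"),   # meets the minimum
    ("ActiveMQ", "5.9"),      # below 5.16, although float("5.9") > float("5.16")
    ("RabbitMQ", "3.10.20"),  # meets the minimum, although "3.10" < "3.8" as strings
    ("RabbitMQ", "3.7.9"),    # below 3.8
]

if __name__ == "__main__":
    for engine, version in SAMPLES:
        verdict = "PASSED" if engine_version_ok(engine, version) else "FAILED"
        print(f"{verdict} {engine} {version}")
```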
Fix - Runtime
Fix - Buildtime
Terraform
Set the engine version in either aws_mq_configuration or aws_mq_broker to a value greater than or equal to the minimums:
resource "aws_mq_configuration" "example" {
description = "Example Configuration"
name = "example"
engine_type = "ActiveMQ"
+ engine_version = "5.17.1"
data = <<DATA
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<broker xmlns="http://activemq.apache.org/schema/core">
<plugins>
<forcePersistencyModeBrokerPlugin persistenceFlag="true"/>
<statisticsBrokerPlugin/>
<timeStampingBrokerPlugin ttlCeiling="86400000" zeroExpirationOverride="86400000"/>
</plugins>
</broker>
DATA
}