Ensure cross-zone load balancing is enabled for AWS LB (Load Balancer)

MEDIUM

Description

AWS Load Balancer has cross-zone load balancing disabled. With it disabled, each load balancer node distributes traffic only to the registered targets in its own Availability Zone, so traffic cannot be shifted to healthy targets outside that zone.

Remediation

In AWS Console -

  1. Sign in to AWS Console and open EC2 console.
  2. On the navigation pane, under LOAD BALANCING, choose Load Balancers.
  3. Select your load balancer.
  4. On the Description tab, choose Change cross-zone load balancing setting.
  5. On the Configure Cross-Zone Load Balancing page, select Enable.
  6. Select Save.

In Terraform -

  1. In the aws_lb resource, set the enable_cross_zone_load_balancing field to true.
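The following is an added example, not configuration from the policy page or any particular project. It shows the non-compliant form beside the compliant one for a Network Load Balancer, where the attribute matters in practice: for the network and gateway load balancer types Terraform's enable_cross_zone_load_balancing defaults to false, while for the application type cross-zone balancing is always on and cannot be turned off. Resource names, the load balancer names and the subnet IDs are placeholders.

```hcl
# Added example (not from the policy page). Names and subnet IDs are placeholders.

# Non-compliant: enable_cross_zone_load_balancing is omitted, so a network
# load balancer is created with cross-zone load balancing disabled (the default).
resource "aws_lb" "nlb_noncompliant" {
  name               = "example-nlb-noncompliant"
  internal           = false
  load_balancer_type = "network"
  subnets            = ["subnet-aaaa1111", "subnet-bbbb2222"] # placeholder IDs in two AZs
}

# Compliant with AC_AWS_0156: cross-zone load balancing explicitly enabled,
# so each node can route to registered targets in every configured AZ.
resource "aws_lb" "nlb_compliant" {
  name                             = "example-nlb-compliant"
  internal                         = false
  load_balancer_type               = "network"
  subnets                          = ["subnet-aaaa1111", "subnet-bbbb2222"] # placeholder IDs
  enable_cross_zone_load_balancing = true
}
```

After apply, the setting can be confirmed on the deployed resource with the AWS CLI: `aws elbv2 describe-load-balancer-attributes --load-balancer-arn <LB_ARN>` lists the attribute `load_balancing.cross_zone.enabled`, which should read `true` for the compliant resource.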

References:
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-subnets.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb#enable_cross_zone_load_balancing

Policy Details

Rule Reference ID: AC_AWS_0156
CSP: AWS
Remediation Available: Yes
Domain: Resilience
Resource: aws_lb
Resource Category: Virtual Network
Resource Type: Load Balancer

Frameworks