Ensure load balancer health checks are used for AWS Auto Scaling Groups

MEDIUM

Description

Not using load balancer health checks for AWS Auto Scaling Groups may lead to performance issues and unavailability of applications.

Remediation

In AWS Console -

  1. Sign in to the AWS Console and go to the EC2 console.
  2. In the navigation pane, under Auto Scaling, choose Auto Scaling Groups.
  3. Select the check box for your group.
  4. Select Edit.
  5. Under Health checks, for Health check type, choose ELB.
  6. For Health check grace period, enter 300.
  7. At the bottom of the page, choose Update.

In Terraform -

  1. Create an 'aws_autoscaling_attachment' resource with 'elb' set to the name of the ELB.
  2. Set 'autoscaling_group_name' to the Auto Scaling Group that has 'health_check_type' set to 'ELB'.
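
The two Terraform steps above as one configuration. This is an added example, not part of the original policy text; the resource names, the 'ami_id' variable, the Availability Zones, the instance type and the ELB probe settings are assumptions to replace with your own values.

```hcl
# Added example: every name and sample value below is an assumption, not from the policy page.
variable "ami_id" { type = string } # placeholder, supply your own AMI

resource "aws_elb" "web" {
  name               = "example-web-elb"
  availability_zones = ["us-east-1a", "us-east-1b"] # constructed sample values
  listener {
    instance_port     = 80
    instance_protocol = "http"
    lb_port           = 80
    lb_protocol       = "http"
  }
  # The probe the Auto Scaling Group relies on once health_check_type is "ELB".
  health_check {
    target              = "HTTP:80/"
    interval            = 30
    timeout             = 5
    healthy_threshold   = 2
    unhealthy_threshold = 2
  }
}

resource "aws_launch_template" "web" {
  name_prefix   = "example-web-"
  image_id      = var.ami_id
  instance_type = "t3.micro"
}

resource "aws_autoscaling_group" "web" {
  name               = "example-web-asg"
  availability_zones = aws_elb.web.availability_zones
  min_size           = 2
  max_size           = 4
  launch_template {
    id      = aws_launch_template.web.id
    version = "$Latest"
  }
  # The default is "EC2", which only looks at instance status checks.
  health_check_type         = "ELB"
  health_check_grace_period = 300 # seconds, same value as the console steps
}

resource "aws_autoscaling_attachment" "web" {
  autoscaling_group_name = aws_autoscaling_group.web.name
  elb                    = aws_elb.web.name
}
```

With 'health_check_type' left at its default of "EC2", an instance that fails the load balancer probe but still passes EC2 status checks stays in the group and is not replaced.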

References:
https://docs.aws.amazon.com/autoscaling/application/userguide/what-is-application-auto-scaling.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_attachment

Policy Details

Rule Reference ID: AC_AWS_0546
CSP: AWS
Remediation Available: Yes
Resource Category: Compute
Resource Type: Auto Scaling

Frameworks