Ensure that access logging is enabled for the ELB v2

Elastic Load Balancing provides access logs that capture detailed information about requests sent to your load balancer. Each log contains information such as the time the request was received, the client's IP address, latencies, request paths, and server responses. You can use these access logs to analyze traffic patterns and troubleshoot issues.

Risk Level: Low
Cloud Entity: AWS ElasticLoadBalancingV2 LoadBalancer
CloudGuard Rule ID: D9.CFT.LOG.06
Covered by Spectral: Yes
Category: Compute

GSL LOGIC

AWS_ElasticLoadBalancingV2_LoadBalancer should have LoadBalancerAttributes contain [ Key='access_logs.s3.enabled' and Value='true' ]

REMEDIATION

From CFT
Set AWS::ElasticLoadBalancingV2::LoadBalancer LoadBalancerAttribute property to Key=access_logs.s3.enabled and Value=true

References

  1. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-loadbalancer-loadbalancerattributes.html
  2. https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html

AWS ElasticLoadBalancingV2 LoadBalancer

Elastic Load Balancing automatically distributes your incoming traffic across multiple targets, such as EC2 instances, containers, and IP addresses, in one or more Availability Zones. It monitors the health of its registered targets, and routes traffic only to the healthy targets. Elastic Load Balancing scales your load balancer as your incoming traffic changes over time. It can automatically scale to the vast majority of workloads. AWS::ElasticLoadBalancingV2::LoadBalancer Specifies an Application Load Balancer, a Network Load Balancer, or a Gateway Load Balancer.

Compliance Frameworks

  • AWS CloudFormation ruleset