Ensure that ELB has a health check setup
When the health check is setup, the load balancer performs health checks on all registered instances, whether the instance is in a healthy state or an unhealthy state. The load balancer routes requests only to the healthy instances. When the load balancer determines that an instance is unhealthy, it stops routing requests to that instance.
Risk Level: Low
Cloud Entity: AWS ElasticLoadBalancing LoadBalancer
CloudGuard Rule ID: D9.CFT.NET.11
Covered by Spectral: Yes
Category: Compute
GSL LOGIC
AWS_ElasticLoadBalancing_LoadBalancer should have HealthCheck
REMEDIATION
From CFT
Configure AWS::ElasticLoadBalancing::LoadBalancer HealthCheck options to appropriate values.
References
- https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-health-check.html
- https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-healthchecks.html
AWS ElasticLoadBalancing LoadBalancer
AWS::ElasticLoadBalancing::LoadBalancer Specifies a Classic Load Balancer.You can specify the AvailabilityZones or Subnets property, but not both.If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the DependsOn attribute to declare a dependency on the VPC-gateway attachment.
Compliance Frameworks
- AWS CloudFormation ruleset
Updated about 1 year ago