Ensure that EC2Fleet of type maintain has ReplaceUnhealthyInstances set to true

EC2 Fleet checks the health status of the instances in the fleet every two minutes. After setting ReplaceUnhealthyInstances to true, a Spot Instance is replaced when it is reported as unhealthy.

Suggest Edits

Risk Level: Low
Cloud Entity: Amazon EC2 Instance
CloudGuard Rule ID: D9.CFT.OPE.05
Covered by Spectral: Yes
Category: Compute

GSL LOGIC

AWS_EC2_EC2Fleet where type='maintain' should have ReplaceUnhealthyInstances=true

REMEDIATION

From CFT
Set AWS::EC2::EC2Fleet ReplaceUnhealthyInstances property to true

References

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks

Amazon EC2 Instance

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

Compliance Frameworks

AWS CloudFormation ruleset

Updated 7 months ago