Risk Level: Low
Cloud Entity: EC2 Auto Scaling Group
CloudGuard Rule ID: D9.TF.AWS.OPE.20
Covered by Spectral: No
Category: Compute

GSL LOGIC

aws_autoscaling_group should not have suspended_processes

REMEDIATION

In order to resume all process, use to following CLI command:
aws autoscaling resume-processes --auto-scaling-group-name <ASG Name>

It's possible to resume a specific process with the tag: --scaling-processes <Process Name>

suspendable process Names are: [AZRebalance, AddToLoadBalancer, AlarmNotification, HealthCheck, InstanceRefresh, Launch, ReplaceUnhealthy, ScheduledActions, Terminate].
For more information: https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html

EC2 Auto Scaling Group

An Auto Scaling group contains a collection of Amazon EC2 instances that are treated as a logical grouping for the purposes of automatic scaling and management. An Auto Scaling group also enables you to use Amazon EC2 Auto Scaling features such as health check replacements and scaling policies. Both maintaining the number of instances in an Auto Scaling group and automatic scaling are the core functionality of the Amazon EC2 Auto Scaling service.

Compliance Frameworks

Terraform AWS CIS Foundations