Ensure Auto Scaling group have scaling cooldown configured

Scaling cooldown prevents your ASG from executing scaling activity before other scaling activity ends. You should not set the cooldown to be less than one minute.

Risk Level: Low
Cloud Entity: EC2 Auto Scaling Group
CloudGuard Rule ID: D9.TF.AWS.OPE.21
Covered by Spectral: No
Category: Compute

GSL LOGIC

aws_autoscaling_group should have default_cooldown>=60

REMEDIATION

In order to set scaling cooldown, use to following CLI command:
aws autoscaling update-auto-scaling-group --auto-scaling-group-name <ASG Name> --default-cooldown <NumberOfSeconds>
NumberOfSeconds should be >= 60

For more information: https://docs.aws.amazon.com/autoscaling/ec2/userguide/Cooldown.html
CLI: https://docs.aws.amazon.com/cli/latest/reference/autoscaling/update-auto-scaling-group.html

EC2 Auto Scaling Group

An Auto Scaling group contains a collection of Amazon EC2 instances that are treated as a logical grouping for the purposes of automatic scaling and management. An Auto Scaling group also enables you to use Amazon EC2 Auto Scaling features such as health check replacements and scaling policies. Both maintaining the number of instances in an Auto Scaling group and automatic scaling are the core functionality of the Amazon EC2 Auto Scaling service.

Compliance Frameworks

  • Terraform AWS CIS Foundations