AWS ELBv2 Best Practices

Enable AWS ALB (ELBv2) Access Logging
Ensure access logging is enabled for your AWS ALBs to follow security best practices.

Enable Elastic Load Balancing Deletion Protection
Ensure the Deletion Protection feature is enabled for your AWS load balancers to follow security best practices.

Idle Elastic Load Balancers (ELBv2)
Find idle Elastic Load Balancers (ELBv2) and terminate them in order to reduce AWS costs.

ELBv2 Instances Distribution Across AZs
Ensure even distribution of AWS ELBv2 backend instances across Availability Zones (AZs).

Review AWS Internet Facing Load Balancers
Ensure internet-facing ELBv2 load balancers are regularly reviewed for security reasons (informational).

AWS ALB (ELBv2) Listener Security
Ensure that your Application Load Balancer (ALB) listeners are using a secure protocol such as HTTPS.

Minimum Number of EC2 Target Instances
Ensure there is a minimum number of two healthy target instances associated with each AWS ELBv2 load balancer.

AWS ELBv2 Security Groups
Ensure that your Amazon ELBv2 load balancers have secure and valid security groups.

AWS ALB (ELBv2) Security Policy
Ensure AWS Application Load Balancers (ALBs) are using the latest predefined security policy.

Unused Elastic Load Balancers (ELBv2)
Identify unused Elastic Load Balancers (ELBv2) and delete them in order to reduce AWS costs.