Open menu
-->

Enable Elastic Beanstalk Enhanced Health Reporting

Cloud Conformity allows you to automate the auditing process of this resolution page. Register for a 14 day evaluation and check your compliance level for free!

Start a Free Trial Product features
Operational
excellence

Risk level: Medium (should be achieved)

Ensure that the Enhanced Health Reporting feature is enabled for all Amazon Elastic Beanstalk (EB) environments provisioned in your AWS account. Enhanced Health Reporting is the AWS Elastic Beanstalk feature that allows the service to gather additional information about the resources available within your EB environments. Once the feature is enabled, the EB service analyzes all the information gathered to provide a better picture of the overall environment health and to help you identify any issues that can cause your web application(s) to become unavailable. Enhanced Health Reporting describes EB environment health using four colors: Green, Yellow, Red and Grey and seven health statuses that provide the best indication of the current state of your environment health: OK – no issues, Warning – moderate number of request failures, Degraded – high number of request failures, Severe – a very high number of request failures, Info – instance operation in progress, Pending – instance operation in progress within command timeout, Unknown – insufficient amount of health data received.

With Enhanced Health Reporting feature enabled you have access to advanced monitoring which is extremely useful for production environments because is crucial to know if your web application is available and is responding to requests.

Audit

To identify AWS EB environments with Enhanced Health Reporting feature disabled, perform the following:

Using AWS Console

01 Sign in to AWS Management Console.

02 Navigate to Elastic Beanstalk (EB) dashboard at https://console.aws.amazon.com/elasticbeanstalk/.

03 Choose the EB application environment that you want to examine.

04 In the left navigation panel choose Configuration to access the environment settings.

05 Inside Web Tier section, within Health configuration box, check Health reporting attribute status. If the configuration attribute status is set to Basic, the Enhanced Health Reporting feature is not currently enabled for the selected AWS Elastic Beanstalk application environment.

06 Repeat steps no. 3 – 5 to check the health reporting configuration for other Amazon EB environments provisioned in the current region.

07 Change the AWS region from the navigation bar and repeat the process for the other regions.

Using AWS CLI

01 Run describe-environments command (OSX/Linux/UNIX) using custom query filters to list the names of the Elastic Beanstalk application environments available in the selected AWS region:

aws elasticbeanstalk describe-environments
  --region us-east-1
  --output table
  --query 'Environments[*].EnvironmentName'

02 The command output should return a table with the requested EB environment names:

----------------------
|DescribeEnvironments|
+--------------------+
|  CcProduction-env  |
|  CcWebAppV8-env    |
|  CcSandBoxV8-env   |
+--------------------+

03 Execute again describe-environments command (OSX/Linux/UNIX) using the name of the EB application environment that you want to examine as identifier to expose the health reporting configuration status set for the selected environment:

aws elasticbeanstalk describe-environments
  --region us-east-1
  --environment-names CcProduction-env
  --query 'Environments[*].HealthStatus'

04 The command output should return the Enhanced Health Reporting status or an empty array if the feature is not enabled:

[]

If the describe-environments command output returns an empty array, i.e. [] (as shown in the output example above), the Enhanced Health Reporting feature is not currently enabled for the selected Amazon Elastic Beanstalk application environment.

05 Repeat step no. 3 and 4 to verify the health reporting configuration for other AWS EB environments created in the current region.

06 Change the AWS region by updating the --region command parameter value and repeat steps no. 1 - 5 to perform the audit process for other regions.

Remediation / Resolution

To enable Enhanced Health Reporting feature for your running Amazon Elastic Beanstalk (EB) application environments, perform the following actions:

Using AWS Console

01 Sign in to AWS Management Console.

02 Navigate to Elastic Beanstalk (EB) dashboard at https://console.aws.amazon.com/elasticbeanstalk/.

03 Choose the EB resource that you want to reconfigure (see Audit section part I to identify the right application environment).

04 In the left navigation panel choose Configuration to access the environment settings.

05 Inside Web Tier section, within Health configuration box, click the edit configuration button to access the environment health monitoring setting page.

06 On the setting page, within Health Reporting section, select Enhanced from the System type dropdown list to enable Enhanced Health Reporting feature. Click Apply to confirm the changes.

07 Once the configuration is successfully updated, the following message will be displayed: "SystemType: Changing health reporting system type setting replaces all of your current instances.". Click Save to apply the changes.

08 Repeat steps no. 3 – 7 to enable Enhanced Health Reporting for other Amazon EB application environments launched in the current region.

09 Change the AWS region from the navigation bar and repeat the process for other regions.

Using AWS CLI

01 Run update-environment command (OSX/Linux/UNIX) using the name of the Elastic Beanstalk environment that you want to reconfigure (see Audit section part II to identify the right EB resource) to enable Enhanced Health Reporting for the selected application environment:

aws elasticbeanstalk update-environment
  --region us-east-1
  --environment-name CcProduction-env
  --option-settings Namespace=aws:elasticbeanstalk:healthreporting:system,OptionName=SystemType,Value=enhanced

02 The command output should return the update-environment command request metadata:

{
    "ApplicationName": "cc-prod-web-app",
    "EnvironmentName": "CcProduction-env",
    "VersionLabel": "Web Application",
    "Status": "Updating",
    "EnvironmentArn": "arn:aws:elasticbeanstalk:us-east-1:123456789012:environment/cc-prod-web-app/CcProduction-env",
    "PlatformArn": "arn:aws:elasticbeanstalk:us-east-1::platform/PHP 7.1 running on 64bit Amazon Linux/2.5.0",
    "SolutionStackName": "64bit Amazon Linux 2017.03 v2.5.0 running PHP 7.1",

    ...

    "AbortableOperationInProgress": true,
    "Tier": {
        "Version": "3",
        "Type": "Standard",
        "Name": "WebServer"
    },
    "Health": "Grey",
    "DateUpdated": "2017-10-22T11:29:31.669Z",
    "DateCreated": "2017-10-22T08:23:52.267Z"
}

03 Repeat step no. 1 and 2 to enable Enhanced Health Reporting for other AWS Elastic Beanstalk environments available in the current region.

04 Change the AWS region by updating the --region command parameter value and repeat steps no. 1 - 3 to perform the entire process for other regions.

References

Publication date Nov 1, 2017