Ensure that your web-tier Auto Scaling Groups (ASGs) have associated Elastic Load Balancers (ELBs) to equally distribute incoming traffic across all EC2 instances available within the ASG and help provide high availability for your web applications. This conformity rule assumes that all AWS resources (including AWS ASGs) created for your web tier are tagged with <web_tier_tag>:<web_tier_tag_value>, where <web_tier_tag> is the tag name and <web_tier_tag_value> is the tag value. Prior to running this rule by the Cloud Conformity engine, the web-tier tags must be well known and configured in the rule settings, on your Cloud Conformity account dashboard.
This rule can help you with the following compliance standards:
- APRA
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Attaching AWS Elastic Load Balancers (ELBs) to your web-tier Auto Scaling Groups (ASGs) can help you maintain the availability of the EC2 compute resources in the event of a failure and improve scaling for the instances behind the load balancers (also known as backend instances).
Audit
To determine if your web-tier ASGs have associated ELBs, perform the following:
Remediation / Resolution
To create an AWS Elastic Load Balancer (ELB) and associate it with your web-tier Auto Scaling Group (ASG), perform the following actions:
References
- AWS Documentation
- Auto Scaling Groups
- Troubleshooting Amazon EC2 Auto Scaling: Load Balancer Issues
- Attaching a Load Balancer to Your Auto Scaling Group
- CIS Amazon Web Services Foundations
- AWS Command Line Interface (CLI) Documentation
- autoscaling
- describe-auto-scaling-groups
- attach-load-balancers
- elb
- create-load-balancer
- ec2
- create-security-group
- authorize-security-group-ingress
- authorize-security-group-egress
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
Web-Tier Auto Scaling Group associated ELB
Risk level: Medium