By using at least two subnets in different Availability Zones with the Cross-Zone Load Balancing feature enabled, your ELBs can distribute the traffic evenly across all backend instances. To use Cross-Zone Load Balancing at optimal level, Amazon recommends maintaining an equal EC2 capacity distribution in each of the AZs registered with the load balancer.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Enabling Cross-Zone Load Balancing makes it easier to deploy and manage applications that run across multiple subnets in different Availability Zones. This would also guarantee better fault tolerance and more consistent traffic flow. If one of the availability zones registered with the ELB fails (as result of network outage or power loss), the load balancer with the Cross-Zone Load Balancing activated would act as a traffic guard, stopping any request being sent to the unhealthy zone and routing it to the other zone(s).
Note: no extra charges — with cross-zone load balancing implemented, Amazon will not charge for data transfer between the load balancer nodes and backend instances.
Audit
To determine if Cross-Zone Load Balancing is enabled, you need to perform the following:
Remediation / Resolution
To enable Cross-Zone Load Balancing with at least two subnets in different AZs, you need to perform the following:
References
- AWS Documentation
- What Is Elastic Load Balancing?
- How Elastic Load Balancing Works
- Configure Cross-Zone Load Balancing for Your Load Balancer
- AWS Command Line Interface (CLI) Documentation
- elb
- describe-load-balancer-attributes
- modify-load-balancer-attributes
- attach-load-balancer-to-subnets
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
ELB Cross-Zone Load Balancing Enabled
Risk level: Medium