Rule: Auto Scaling groups associated with a load balancer
Guideline ensuring Auto Scaling groups use load balancer health checks
| Rule | Auto Scaling groups associated with a load balancer should use load balancer health checks |
| Framework | AWS Foundational Security Best Practices |
| Severity | ✔ Low |
Rule Description
According to the AWS Foundational Security Best Practices, Auto Scaling groups associated with a load balancer should use load balancer health checks. This ensures that instances in the Auto Scaling group are only considered healthy if they pass the health checks performed by the load balancer. By following this rule, you enhance the resiliency and availability of your application.
Troubleshooting Steps
If there are issues with load balancer health checks or instances failing the checks, you may encounter the following scenarios:
- 1.
Instances failing load balancer health checks: If instances in your Auto Scaling group are continuously failing the load balancer health checks, there might be a problem with the application or services running on those instances. You should investigate and identify the cause of the failures.
- 2.
Inconsistent health check results: In some cases, you may experience inconsistent health check results, where instances intermittently fail and then pass the health checks. This might indicate intermittent issues with the application or network connectivity. Troubleshoot these intermittent health check failures to ensure the stability of your environment.
Necessary Codes
There are no specific codes associated with this rule. However, you may need to make changes to your Auto Scaling group and load balancer configurations.
Step-by-Step Guide for Remediation
To ensure that your Auto Scaling groups associated with a load balancer are using load balancer health checks, follow these step-by-step instructions:
- 1.
Identify the load balancer: Determine the load balancer associated with your Auto Scaling group. You can find this information in the AWS Management Console or by using the AWS Command Line Interface (CLI).
- 2.
Configure load balancer health checks: Access the load balancer configuration and specify the health check settings. This includes defining the target, protocol, port, and other parameters for the health checks. Ensure that these settings are aligned with your application's requirements.
- 3.
Update Auto Scaling group configuration: Modify the Auto Scaling group configuration to use the load balancer health checks. Ensure that the health check type is set to "ELB" or "ELB-EC2" depending on the type of load balancer you are using.
- 4.
Test the health checks: Validate that the instances in your Auto Scaling group are passing the load balancer health checks. Monitor the health check results to ensure there are no failures.
- 5.
Investigate and troubleshoot failures: If any instances fail the load balancer health checks or exhibit intermittent failures, investigate and troubleshoot the underlying cause. This may involve reviewing application logs, checking network connectivity, or analyzing system metrics.
- 6.
Implement remediation steps: Once you have identified the cause of any failures, apply necessary fixes or optimizations to ensure that instances consistently pass the load balancer health checks.
By following these steps, you can ensure that your Auto Scaling groups are using load balancer health checks effectively, enhancing the reliability and availability of your application.