Ensure your AWS Auto Scaling Group (ASG) health check feature is properly configured to detect whether its registered EC2 instances are healthy or not. If an AWS Elastic Load Balancer (ELB) is being used for distributing traffic across instances within the ASG make sure that the ELB health check is enabled (works at hypervisor and application level). If an Elastic Load Balancer is not being used within your ASG make sure that the EC2 health check is enabled (works at hypervisor level only).
This rule can help you with the following compliance standards:
- NIST 800-53 (Rev. 4)
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
By using the right health check configuration for your Auto Scaling Groups, you can increase the reliability and availability of the applications deployed within these groups.
To determine if your ASGs are configured properly for using health checks and to verify the health check type used (ELB or EC2-based), perform the following:
Remediation / Resolution
To update your ASGs health check configuration based on whether these are associated with a load balancer, perform the following:
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
Auto Scaling Group Health Check
Risk level: Medium