Ensure that your AWS Auto Scaling Groups (ASGs) are configured to use a cooldown period to temporarily suspend any scaling activities in order to allow the newly launched EC2 instance(s) some time to start handling the application traffic.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
If the cooldown period is set to 0, the AWS ASG service can initiate another scaling event before the effects of a previous event become evident. Since a newly launched EC2 instance need time for booting and initial software configuration before it can take some of the application workload, implementing a proper cooldown period to temporarily suspend any scaling actions is strongly recommended.
Note 1: Cooldown periods are not supported by step scaling or scheduled scaling policies.
Note 2: The "Default Cooldown" value is set to 300 seconds, however, you can change the default threshold for this rule on Cloud Conformity console and set your own value for the cooldown period based on your requirements.
To identify any AWS ASGs that are not using appropriate cooldown periods, perform the following actions:
Remediation / Resolution
To implement an appropriate cooldown period for your Amazon Auto Scaling Groups, perform the following:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Auto Scaling Group Cooldown Period
Risk level: High