Ensure that your HTTP/HTTPS applications (monolithic or containerized) are using the Application Load Balancer (ALB) instead of Classic Load Balancer (ELB) for enhanced incoming traffic distribution, better performance and lower costs. Cloud Conformity recommends migrating the HTTP/HTTPS web apps and websites currently running behind an AWS Classic Load Balancer to a new Application Load Balancer.
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Running your HTTP/HTTPS applications behind an AWS ALB will provide a number of advantages over the classic AWS ELB such as enhanced web traffic distribution, better flexibility over routing, improved health checks, monitoring and access logging, support for HTTP/2 and WebSocket protocols and deletion protection.
To determine the load balancer type currently used by your HTTP/HTTPS applications, perform the following:Note: Verifying the load balancer type (ELB or ALB) using AWS Command Line Interface (CLI) is not currently supported.
Remediation / Resolution
Option 1: migrate your HTTP/HTTPS web application(s) from a Classic Load Balancer (ELB) to an Application Load Balancer (ALB) using the AWS Management Console and AWS CLI. To move your application(s) instances to the ALB, redirect the traffic and remove the ELB, perform the following:
Option 2: migrate automatically your HTTP/HTTPS web application(s) from an AWS ELB to a new AWS ALB using the Classic Load Balancer to Application Load Balancer Copy Utility developed by Amazon. With this utility tool you can copy the configuration of your existing ELB to create a new ALB with the same configuration and register the existing backend EC2 instances with the newly created Application Load Balancer. All the necessary instructions to install, configure and use the Copy Utility tool can be found at this URL.
- AWS Documentation
- Classic Load Balancer FAQs
- What Is Elastic Load Balancing?
- Migrate from a Classic Load Balancer to an Application Load Balancer
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Classic Load Balancer
Risk level: Medium