Ensure that your AWS Elastic Load Balancers have at least two healthy EC2 backend instances assigned, to provide a more fault-tolerant load balancing configuration.
This rule can help you with the following compliance standards:
For further details on compliance standards supported by Conformity, see here.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
Having just one EC2 instance behind your Elastic Load Balancer (ELB), even if the ELB is associated with an Auto Scaling Group (ASG) that can add instances automatically, increases the risk of downtime. To achieve fault tolerance with zero downtime, always register at least two EC2 instances with your ELB.
A common scenario where an ELB utilizes a single EC2 instance is when the instance is a part of an Auto Scaling Group with min, max and desired capacity set to 1. To determine if each ELB available in your account distributes the traffic to at least two healthy backend instances, perform the following:
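The check described above can be scripted. The following is an added example, not part of the original rule text or the Conformity tool. It assumes the input is JSON shaped like the output of `aws elb describe-instance-health` and `aws autoscaling describe-auto-scaling-groups`; the load balancer names, group names and instance IDs are constructed sample data.

```python
MIN_HEALTHY = 2  # threshold stated by the rule

# Constructed sample: describe-instance-health output, keyed by ELB name.
SAMPLE_HEALTH = {
    "web-elb": {"InstanceStates": [
        {"InstanceId": "i-0example1", "State": "InService"},
        {"InstanceId": "i-0example2", "State": "InService"}]},
    "api-elb": {"InstanceStates": [
        {"InstanceId": "i-0example3", "State": "InService"}]},
    "batch-elb": {"InstanceStates": [
        {"InstanceId": "i-0example4", "State": "InService"},
        {"InstanceId": "i-0example5", "State": "OutOfService"}]},
}
# Constructed sample: describe-auto-scaling-groups output.
SAMPLE_ASGS = {"AutoScalingGroups": [
    {"AutoScalingGroupName": "api-asg", "LoadBalancerNames": ["api-elb"],
     "MinSize": 1, "MaxSize": 1, "DesiredCapacity": 1},
    {"AutoScalingGroupName": "web-asg", "LoadBalancerNames": ["web-elb"],
     "MinSize": 2, "MaxSize": 4, "DesiredCapacity": 2},
]}

def healthy_instances(health):
    """Instance IDs the ELB currently reports as InService."""
    return [s["InstanceId"] for s in health.get("InstanceStates", [])
            if s.get("State") == "InService"]

def single_instance_asgs(elb_name, asgs):
    """ASGs attached to the ELB with min, max and desired capacity all set to 1."""
    return [g["AutoScalingGroupName"] for g in asgs.get("AutoScalingGroups", [])
            if elb_name in g.get("LoadBalancerNames", [])
            and g["MinSize"] == g["MaxSize"] == g["DesiredCapacity"] == 1]

def audit(health_by_elb, asgs):
    """Return one finding per ELB with fewer than MIN_HEALTHY healthy instances."""
    findings = []
    for name, health in sorted(health_by_elb.items()):
        healthy = healthy_instances(health)
        if len(healthy) < MIN_HEALTHY:
            findings.append({
                "elb": name,
                "healthy": len(healthy),
                "registered": len(health.get("InstanceStates", [])),
                "single_instance_asgs": single_instance_asgs(name, asgs),
            })
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_HEALTH, SAMPLE_ASGS):
        print(finding)
```

A registered instance that is `OutOfService` does not count toward the threshold, so an ELB with two registered instances can still be reported.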
Remediation / Resolution
To register additional healthy EC2 backend instances with your Elastic Load Balancers, perform the following:
You are auditing:
ELB Minimum Number Of EC2 Instances
Risk level: High