Risk Level: Low
Description:
This plugin ensures that cross-zone load balancing is enabled on AWS ELBs. Cross-zone load balancing should be enabled on AWS ELBs so that traffic is distributed evenly across registered instances in all enabled Availability Zones.
PingSafe strongly recommends updating AWS ELB to enable cross-zone load balancing.
About the Service:
An Amazon ECS service can be configured to use Elastic Load Balancing to distribute traffic evenly across the tasks in your service. A Classic Load Balancer makes routing decisions at either the transport layer (TCP/SSL) or the application layer (HTTP/HTTPS). Classic Load Balancers currently require a fixed relationship between the load balancer port and the container instance port.
Impact:
Enabling cross-zone load balancing makes it easier to deploy and maintain applications that run across several subnets in different Availability Zones. It also provides higher fault tolerance and more consistent traffic flow.
Steps to reproduce:
- Log in to your AWS Management Console.
- Navigate to the EC2 console: https://ap-south-1.console.aws.amazon.com/ec2/
- Click on Load Balancers under Load Balancing.
- Select your load balancer, navigate to the Description tab, and check whether the Cross-Zone Load Balancing status is enabled.
- Repeat these steps for the other load balancers as well.
Steps for remediation:
- Log in to your AWS Management Console.
- Navigate to the EC2 console: https://ap-south-1.console.aws.amazon.com/ec2/
- Click on Load Balancers under Load Balancing.
- Select your load balancer, navigate to the Description tab, and check whether the Cross-Zone Load Balancing status is enabled.
- Click on the Edit button adjacent to Cross-Zone Load Balancing and click on Enable.
- Repeat these steps for the other load balancers as well.
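The check and the remediation above can also be scripted across every load balancer in a region. The following is an added example, not PingSafe's plugin code: it assumes Classic Load Balancers accessed through the boto3 `elb` client, and `audit_cross_zone`, `enable_cross_zone` and `FakeElb` are hypothetical names, with `FakeElb` a constructed in-memory stand-in so the example runs offline.

```python
def audit_cross_zone(elb):
    """Return names of Classic ELBs whose cross-zone load balancing is off."""
    disabled = []
    for page in elb.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancerDescriptions"]:
            name = lb["LoadBalancerName"]
            attrs = elb.describe_load_balancer_attributes(LoadBalancerName=name)
            cross_zone = attrs["LoadBalancerAttributes"].get("CrossZoneLoadBalancing", {})
            if not cross_zone.get("Enabled", False):
                disabled.append(name)
    return disabled


def enable_cross_zone(elb, names):
    """Enable cross-zone load balancing on each named ELB; return names changed."""
    setting = {"CrossZoneLoadBalancing": {"Enabled": True}}
    for name in names:
        elb.modify_load_balancer_attributes(
            LoadBalancerName=name, LoadBalancerAttributes=setting)
    return list(names)


class FakeElb:
    """Constructed stand-in for boto3.client("elb"); pass the real client to audit an account."""

    def __init__(self, state):
        self.state = state  # {load balancer name: cross-zone enabled?}

    def get_paginator(self, _operation):
        return self

    def paginate(self):  # two pages, to exercise pagination
        names = sorted(self.state)
        for chunk in (names[:2], names[2:]):
            yield {"LoadBalancerDescriptions": [{"LoadBalancerName": n} for n in chunk]}

    def describe_load_balancer_attributes(self, LoadBalancerName):
        enabled = self.state[LoadBalancerName]
        return {"LoadBalancerAttributes": {"CrossZoneLoadBalancing": {"Enabled": enabled}}}

    def modify_load_balancer_attributes(self, LoadBalancerName, LoadBalancerAttributes):
        self.state[LoadBalancerName] = LoadBalancerAttributes["CrossZoneLoadBalancing"]["Enabled"]


if __name__ == "__main__":
    elb = FakeElb({"web-elb": True, "api-elb": False, "batch-elb": False})  # constructed sample
    flagged = audit_cross_zone(elb)
    enable_cross_zone(elb, flagged)
    print("remediated:", flagged, "still disabled:", audit_cross_zone(elb))
```

To audit a real account, pass `boto3.client("elb", region_name="ap-south-1")` in place of `FakeElb`, and review the list returned by `audit_cross_zone` before calling `enable_cross_zone`.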