AWS Config Rule: CLB Desync Mode Check
CLB_DESYNC_MODE_CHECK
Eduardo Van Cauteren
Last Update 10 months ago
Description: Checks if Classic Load Balancers (CLB) are configured with a user defined Desync mitigation mode. The rule is NON_COMPLIANT if CLB Desync mitigation mode does not match with user defined Desync mitigation mode.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), AWS GovCloud (US-East), AWS GovCloud (US-West), Europe (Spain), China (Ningxia), Europe (Zurich) Region
How to Resolve Manually
In AWS console this parameter can be one of three options:
- Defensive
- Strictest
- Monitor
When this AWS Config Rule references "user defined desync mitigation mode", it means your chosen parameter from the three above. By default, StackZone sets this to monitor, but you can define up to two parameters for this Config Rule.
In order to resolve this manually, you will need to first head over to your EC2 Dashboard within your AWS Console. Ensure to select the correct region for where your CLB is located.
Choose Load Balancers from the left hand side menu. When the list of load balancers appears, choose the one you wish to edit the attributes for.
Once you have selected your target load balancer, scroll down into the Description tab and click on Configure desync mitigation mode and select your desired mitigation mode.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here
