AWS Config Rule: ELB Logging Enabled

ELB_LOGGING_ENABLED

Fernando Honig

Last Update 6 maanden geleden

Description: Checks if the Application Load Balancer and the Classic Load Balancer have logging enabled. The rule is NON_COMPLIANT if the access_logs.s3.enabled is false or access_logs.S3.bucket is not equal to the s3BucketName that you provided.


Trigger type: Configuration changes


AWS Region: All supported AWS regions except Asia Pacific (Hyderabad), Europe (Spain) Region


How to Resolve Manually

To resolve manually, you will first need to naviagate to your Load Balancers section within your AWS Console. Under the 'Description' tab of your chosen Load Balancer, you will be able to see the Load Balancer's attributes. You can see from the example below that the Access Logs are Disabled. This will render the config rule NON-COMPLIANT.


If you click Edit Attributes you will now be able to enable logging for your ELB. You will then choose an S3 Location for these access logs to be uploaded to. Notice that you have the power to create a location if it does not exist already. If you don't specify a prefix, the access logs will be stored in the root of the bucket.


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us