AWS Config Rule: ELB Logging Enabled
ELB_LOGGING_ENABLED
Fernando Honig
Last Update 6 maanden geleden
Description: Checks if the Application Load Balancer and the Classic Load Balancer have logging enabled. The rule is NON_COMPLIANT if the access_logs.s3.enabled is false or access_logs.S3.bucket is not equal to the s3BucketName that you provided.
Trigger type: Configuration changes
AWS Region: All supported AWS regions except Asia Pacific (Hyderabad), Europe (Spain) Region
How to Resolve Manually
To resolve manually, you will first need to naviagate to your Load Balancers section within your AWS Console. Under the 'Description' tab of your chosen Load Balancer, you will be able to see the Load Balancer's attributes. You can see from the example below that the Access Logs are Disabled. This will render the config rule NON-COMPLIANT.
If you click Edit Attributes you will now be able to enable logging for your ELB. You will then choose an S3 Location for these access logs to be uploaded to. Notice that you have the power to create a location if it does not exist already. If you don't specify a prefix, the access logs will be stored in the root of the bucket.
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here