An Application Load Balancer (ALB) instance is considered compliant if access control is set for all its running listeners.
Scenarios
Configure access control for ALB listeners to reduce network exposure and strengthen cloud environment security.
Risk level
Default risk level: Medium.
You can change the risk level of this rule as required.
Detection logic
-
An ALB instance is considered compliant if access control is set for all its running listeners.
-
An ALB instance is considered non-compliant if access control is not configured for any of its running listeners. For more information about how to fix this issue, see Fixes.
-
This rule does not apply to ALB instances with no listeners configured. Such instances are marked as not applicable.
Rule details
|
Parameter |
Description |
|
Rule name |
Set access control for all running listeners of an ALB instance |
|
Rule identifier |
alb-all-listener-enabled-acl |
|
Tags |
ALB, Listener |
|
Automatic correction |
Not supported |
|
Rule trigger |
Periodic |
|
Trigger frequency |
24 hours |
|
Supported resource types |
ALB instance |
|
Rule input parameters |
None |
Fixes
Configure access control for all running listeners of the ALB instance. For more information, see Access control.