Share on FacebookTweet about this on TwitterShare on LinkedIn

Amazon Web Services announced four new checks to the Trusted Advisor tool in the Management Console. The Trusted Advisor allows an administrator or IAM user with the correct permission to run a series of checks for security, economy and fault tolerance across a wide variety of resources within an AWS account.

This latest set of checks focus on Elastic Load Balancers and in particular security and fault tolerance for ELBs. The new security checks include ELB Listener Security and ELB Security Groups.

ELB Listener Security – This check looks for load balancers that do not use recommended security configurations or protocols. It checks to see if the latest version of applicable security policies are in place and verifies that only recommended ciphers and protocols are used.

 

ELB Security Groups – This check looks for load balancers that do not have a security group, or that have a security group which allows access to ports that are not configured for the load balancer.

 

The remaining two new checks focus on high availability and help you plan and maintain your environment for fault tolerance

Cross-Zone Load Balancing – This check looks for load balancers that do not have cross-zone load balancing enabled. This feature makes it easier for you to deploy and manage applications that run across more than one Availability Zone.

 

Screen Shot 2015-03-19 at 6.08.41 PM

ELB Connection Draining – This check looks for load balancers that do not have connection draining enabled. With this feature enabled, the load balancer will stop sending new requests to instances that are deregistering (in-flight requests will continue to be served).

 

Screen Shot 2015-03-19 at 6.10.11 PM

All of these new checks are avaiailable today and can be used on any Elastic Load Balancer under your control.

You can view the original announcement on the Official AWS blog here: https://aws.amazon.com/blogs/aws/new-elastic-load-balancer-checks-for-aws-trusted-advisor/

Blue Sentry is an advanced-tier Amazon Web Services (AWS) consulting partner specializing in application and data migrations, expert managed services and virtual desktops. Blue Sentry serves clients globally, with operations in North Carolina and South Carolina.