Medium ELB Regional

Application and Classic Load Balancers logging should be enabled

NIST, ISO 27001, HIPAA

Description

This check verifies that logging is enabled for Application and Classic Load Balancers to capture detailed information about requests sent to the load balancer. Logging is an essential security and compliance feature that helps in post-incident analysis and troubleshooting.


Remediation

To enable logging for Load Balancers, follow these steps:

Steps

For Application Load Balancers:

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
  2. On the navigation pane, under LOAD BALANCING, choose Load Balancers.
  3. Select the Application Load Balancer.
  4. Choose the Description tab, and find the Attributes section.
  5. If 'access_logs.s3.enabled' is set to false, choose Edit attributes.
  6. Set 'access_logs.s3.enabled' to true and provide an S3 bucket for the logs.

For Classic Load Balancers:

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
  2. On the navigation pane, under LOAD BALANCING, choose Load Balancers.
  3. Select the Classic Load Balancer.
  4. Choose the Description tab, and find the Attributes section.
  5. If Access Log is disabled, choose Edit attributes.
  6. Enable Access Log by setting it to true and provide an S3 bucket for the logs.
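The attributes the console steps above inspect can also be audited across a whole region. The following is an added example, not code from the original check: the function names, sample responses and bucket name are constructed, treating an enabled log with no bucket as failing is an assumption, and `audit` assumes boto3 with read-only credentials.

```python
"""Audit ALB and Classic LB access logging (added example, not the check's own code)."""

def alb_logging_ok(attributes):
    """attributes: the 'Attributes' list from elbv2 describe_load_balancer_attributes."""
    kv = {a["Key"]: a["Value"] for a in attributes}
    # Values are strings ("true"/"false"). Assumption: no bucket set counts as failing.
    return kv.get("access_logs.s3.enabled") == "true" and bool(kv.get("access_logs.s3.bucket"))

def clb_logging_ok(lb_attributes):
    """lb_attributes: 'LoadBalancerAttributes' dict from elb describe_load_balancer_attributes."""
    log = lb_attributes.get("AccessLog", {})
    return log.get("Enabled") is True and bool(log.get("S3BucketName"))

def audit(region):
    """Return names of load balancers in `region` that fail the logging check."""
    import boto3  # imported here so the pure checks above run without AWS access
    failing = []
    v2 = boto3.client("elbv2", region_name=region)
    for page in v2.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancers"]:
            if lb["Type"] != "application":  # the check covers Application LBs only
                continue
            attrs = v2.describe_load_balancer_attributes(LoadBalancerArn=lb["LoadBalancerArn"])
            if not alb_logging_ok(attrs["Attributes"]):
                failing.append(lb["LoadBalancerName"])
    classic = boto3.client("elb", region_name=region)
    for page in classic.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancerDescriptions"]:
            attrs = classic.describe_load_balancer_attributes(LoadBalancerName=lb["LoadBalancerName"])
            if not clb_logging_ok(attrs["LoadBalancerAttributes"]):
                failing.append(lb["LoadBalancerName"])
    return failing

# Constructed sample responses, shaped like the API output, for an offline run.
SAMPLE_ALB_OFF = [{"Key": "access_logs.s3.enabled", "Value": "false"},
                  {"Key": "access_logs.s3.bucket", "Value": ""}]
SAMPLE_ALB_ON = [{"Key": "access_logs.s3.enabled", "Value": "true"},
                 {"Key": "access_logs.s3.bucket", "Value": "example-elb-logs"}]
SAMPLE_CLB_OFF = {"AccessLog": {"Enabled": False}}
SAMPLE_CLB_ON = {"AccessLog": {"Enabled": True, "S3BucketName": "example-elb-logs"}}

if __name__ == "__main__":
    print("ALB off/on:", alb_logging_ok(SAMPLE_ALB_OFF), alb_logging_ok(SAMPLE_ALB_ON))
    print("CLB off/on:", clb_logging_ok(SAMPLE_CLB_OFF), clb_logging_ok(SAMPLE_CLB_ON))
```

Because the check is regional, run `audit` once per region in use.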

Compliance

NIST, ISO 27001, HIPAA