Control: AWS > PCI v3.2.1 > Auto Scaling > 1 Auto Scaling groups associated with a load balancer should use health checks

This control checks whether your Auto Scaling groups that are associated with a load balancer are using Elastic Load Balancing health checks.

PCI DSS does not require load balancing or highly available configurations. However, this check aligns with AWS best practices.

Remediation

To enable Elastic Load Balancing health checks

1. Open the Amazon EC2 console 2. On the navigation pane, under Auto Scaling, choose Auto Scaling Groups 3. To select the group from the list, choose the right box 4. Choose Edit 5. For Health Check Type, choose ELB 6. For Health Check Grace Period, enter 300 7. Choose Save

PCI requirement(s): 2.2

Resource Types

This control targets the following resource types:

AWS > EC2 > Auto Scaling Group

Policies

This control type relies on these other policies when running actions:

AWS > PCI v3.2.1

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-pciv3-2-1#/control/types/autoScalingGroupWithLbUseHealthCheck

Category URI

tmod:@turbot/turbot#/control/categories/compliancePci

GraphQL

query controlType(id: "tmod:@turbot/aws-pciv3-2-1#/control/types/autoScalingGroupWithLbUseHealthCheck") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-pciv3-2-1#/control/types/autoScalingGroupWithLbUseHealthCheck'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-pciv3-2-1#/control/types/autoScalingGroupWithLbUseHealthCheck"