Evaluates whether each scaling configuration specifies a security group for instances to join. Configurations with a specified security group are Compliant.
Scenarios
Specifying a security group in scaling configurations protects the network security of instances.
Risk level
Default risk level: medium.
You can change the risk level based on your business requirements when you apply this rule.
Compliance evaluation logic
-
If the scaling configurations of each instance specify a security group to which the instance is added, the evaluation result is Compliant.
-
If the scaling configurations of an instance do not specify a security group to which the instance is added, the evaluation result is Non-compliant.
Rule details
|
Parameter |
Description |
|
Rule name |
ess-scaling-configuration-attach-security-group |
|
Rule identifier |
|
|
Tag |
ESS and ScalingConfiguration |
|
Automatic remediation |
Not supported |
|
Trigger type |
Configuration change |
|
Supported resource type |
Scaling configurations |
|
Input parameter |
None |
Non-compliance remediation
Specify a security group in the scaling configurations of each instance. For more information, see Manage scaling configurations.