AWS ElasticLoadBalancing
Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes
Design Guidance:
Type | ||
Policies | ||
Policies-Attributes | ||
Policies-Instance Ports | ||
Policies-Load Balancer Ports | ||
Policies-Policy Name | ||
Policies-Policy Type | ||
Scheme |
Listeners | ||
Listeners-Instance Port | ||
Listeners-Load Balancer Port | ||
Listeners-Policy Names |
Design Guidance:
Access Logging Policy | ||
Access Logging Policy-Emit Interval | ||
Access Logging Policy-Enabled | ||
Access Logging Policy-S3bucket Name | ||
Access Logging Policy-S3bucket Prefix |
Design Guidance:
App Cookie Stickiness Policy | ||
App Cookie Stickiness Policy-Cookie Name | ||
App Cookie Stickiness Policy-Policy Name | ||
Lbcookie Stickiness Policy | ||
Lbcookie Stickiness Policy-Cookie Expiration Period | ||
Lbcookie Stickiness Policy-Policy Name |
Design Guidance:
Availability Zones | ||
Health Check-Healthy Threshold | ||
Health Check-Interval | ||
Health Check-Target | ||
Health Check-Timeout | ||
Health Check-Unhealthy Threshold |
Design Guidance:
Connection Draining Policy-Enabled | ||
Connection Draining Policy-Timeout |
Design Guidance:
Connection Settings-Idle Timeout |
Design Guidance:
Instances | ||
Load Balancer Name | ||
Tags |
Design Guidance:
Security Groups |
Design Guidance:
Subnets |
Design Guidance:
Listeners-Instance Protocol | ||
Listeners-Protocol |
Design Guidance:
Listeners-SSLcertificate Id |
Last modified 7mo ago