Ensure that auto Scaling groups that are associated with a load balancer, are using Load Balancing health checks.
Description
This policy checks whether auto-scaling groups associated with a load balancer are using load balancing health checks. It ensures that the health check type is set to either 'SVR' or 'LOADB' for the auto-scaling group, and if 'LOADB' is used, a load balancer target group with health checks exists. This is important because load balancing health checks help maintain the availability and reliability of the application by detecting unhealthy instances and removing them from the load balancer. By using load balancing health checks, you can ensure that your application remains accessible to users even in the event of instance failures.
Code Example
resource "ncloud_auto_scaling_group" "example" {
health_check_type_code = "LOADB"
}
resource "ncloud_lb_target_group" "example" {
health_check {
# health check configuration
}
}Remediation
Update the auto-scaling group to use load balancing health checks by setting the health_check_type_code attribute to 'LOADB' and creating a load balancer target group with health checks.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1220 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | ncloud_auto_scaling_group, ncloud_lb_target_group |
| Checkov ID | CKV_NCP_18 |