ELBv1 load balancer cross zone load balancing is not enabled Affecting ELB service in AWS

Snyk CCSS

Availability / Redundancy

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

AWS-Well-Architected CSA-CCM GDPR HIPAA ISO-27001 NIST-800-53 SOC-2

Snyk ID SNYK-CC-00094
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Having Availability Zones with cross-zone load balancing enabled for the VPC reduces the risk of failure at a single location as the AWS Elastic Load Balancers distribute the traffic to the other locations.

How to fix?

Set the cross_zone_load_balancing attribute to true.

Example Configuration

resource "aws_elb" "elb-cross-zone" {
  name            = "elb-cross-zone"
  security_groups = ["${aws_security_group.elb-cross-zone-group.id}"]
  subnets         = ["${aws_default_subnet.default.id}"]

  listener {
    instance_port     = 80
    instance_protocol = "http"
    lb_port           = 80
    lb_protocol       = "http"
  }

  cross_zone_load_balancing   = true
  idle_timeout                = 400
  connection_draining         = true
  connection_draining_timeout = 400

  tags = {
    Name = "elb-cross-zone"
  }
}

Terraform

Resource: aws_elb

References

Configure cross-zone load balancing for your Classic Load Balancer