
Amazon EC2 auto-scaling groups should be configured properly


Amazon EC2 auto-scaling groups contribute significantly to the scalability of your cloud infrastructure. If an auto-scaling group is not configured properly, your cloud operations might collapse, because its resources cannot function properly when one or more faults occur. A fault-tolerant cloud infrastructure is therefore a major priority for any organization that needs a reliable cloud environment.

What are Amazon EC2 auto-scaling groups?

An AWS EC2 auto-scaling group is a collection of EC2 instances that share the same properties and characteristics. Each auto-scaling group is treated as a logical group for the purpose of scaling and managing EC2 instances. An auto-scaling group starts by launching enough EC2 instances to meet its desired capacity. It also manages these EC2 instances by regularly performing health checks on them.

Launch configuration in auto-scaling groups

It is recommended that the launch configuration of each auto-scaling group references an active Amazon Machine Image (AMI), and that the auto-scaling group is associated with an active load balancer, for a smooth auto-scaling process. If your auto-scaling groups fail to launch new EC2 instances because of an invalid (removed) AMI, the scaling mechanism will not be able to add compute resources. If you delete a load balancer, the load on your instances will no longer be distributed across availability zones. Either condition has a significant negative impact on your application performance.
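Both conditions described above can be checked from AWS describe-* output. The following is an added example, not Centilytics code: it runs over constructed dicts that use the field names of the Auto Scaling, EC2 and Elastic Load Balancing describe responses, and the function name `find_broken_asgs` and all sample names and IDs are assumptions.

```python
def find_broken_asgs(asgs, launch_configs, images, load_balancers):
    """Return (group, severity, reason) tuples for groups tied to missing resources.

    Arguments are lists shaped like the AWS describe-* results:
    AutoScalingGroups, LaunchConfigurations, Images, LoadBalancerDescriptions.
    """
    # An AMI counts as active only if it is still registered and "available".
    active_amis = {i["ImageId"] for i in images if i.get("State") == "available"}
    lc_to_ami = {lc["LaunchConfigurationName"]: lc["ImageId"] for lc in launch_configs}
    live_lbs = {lb["LoadBalancerName"] for lb in load_balancers}

    findings = []
    for asg in asgs:
        name = asg["AutoScalingGroupName"]
        # Groups built from a launch template carry no LaunchConfigurationName.
        ami = lc_to_ami.get(asg.get("LaunchConfigurationName"))
        if ami is not None and ami not in active_amis:
            findings.append((name, "Critical",
                             f"launch configuration uses unavailable AMI {ami}"))
        # Classic load balancers only; target groups are out of scope here.
        for lb in asg.get("LoadBalancerNames", []):
            if lb not in live_lbs:
                findings.append((name, "Critical",
                                 f"load balancer {lb} no longer exists"))
    return findings


# Constructed sample data; every name and ID below is made up for illustration.
SAMPLE_ASGS = [
    {"AutoScalingGroupName": "web-asg", "LaunchConfigurationName": "web-lc",
     "LoadBalancerNames": ["web-elb"]},
    {"AutoScalingGroupName": "api-asg", "LaunchConfigurationName": "api-lc",
     "LoadBalancerNames": ["api-elb"]},
    {"AutoScalingGroupName": "batch-asg", "LoadBalancerNames": []},
]
SAMPLE_LAUNCH_CONFIGS = [
    {"LaunchConfigurationName": "web-lc", "ImageId": "ami-00000000000000001"},
    {"LaunchConfigurationName": "api-lc", "ImageId": "ami-00000000000000002"},
]
SAMPLE_IMAGES = [{"ImageId": "ami-00000000000000001", "State": "available"}]
SAMPLE_LOAD_BALANCERS = [{"LoadBalancerName": "web-elb"}]

if __name__ == "__main__":
    for finding in find_broken_asgs(SAMPLE_ASGS, SAMPLE_LAUNCH_CONFIGS,
                                    SAMPLE_IMAGES, SAMPLE_LOAD_BALANCERS):
        print(*finding, sep=" | ")
```
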

Centilytics provides a dedicated insight into the auto-scaling group resources of Amazon EC2. It warns the user whenever an auto-scaling group is detected with misconfigurations.

You can read more about AWS EC2 here.

Insight descriptions:

There can be 1 possible scenario:

| Severity | Description |
|---|---|
| Critical | This indication will be displayed when an auto-scaling group is associated with an unavailable resource such as a deleted elastic load balancer. Also, if the launch configuration is associated with a deleted AMI then you get a critical alert. |

The further columns are described as follows:

  1. Account Id: This column shows the respective account ID of the user’s account.
  2. Account Name: This column shows the Account Id of the user’s account.
  3. Region: This column shows the region in which the resources exist.
  4. Launch Configuration: This column shows the name of the launch configuration.
  5. Identifier: This column shows the name of the load balancer.

Filters applicable:

| Filter Name | Description |
|---|---|
| Account Id | Applying the account Id filter will display data for the selected account Id. |
| Region | Applying the region filter will display data according to the selected region. |
| Severity | Applying the severity filter will display data according to the selected severity type, i.e. selecting critical will display all resources with critical severity. The same applies to the warning and OK severity types. |
| Resource Tags | Applying the resource tags filter displays resources which have been assigned the selected resource tag. For example, a user has tagged some resources with a tag named environment. Selecting environment from the resource tags filter will then display all the resources with the tag name environment. |
| Resource Tags Value | Applying the resource tags value filter will display data which has the selected resource tag value. For example, say a user has tagged some resources with a tag named environment and the value production (environment:production). The user can then view data for all the resources with the “environment:production” tag. The tag value filter can be used only when a tag name has been provided. |

Compliances covered:

| Compliance Name | Reference No. | Link |
|---|---|---|
| Trusted Advisor | | https://console.aws.amazon.com/trustedadvisor/home?#/category/fault-tolerance |
