EC2 instances should have Auto Scaling groups with two or more Availability Zones

Description

Requiring EC2 instances to be part of Auto Scaling groups that span two or more availability zones promotes redundancy of data, which helps ensure availability and continuity during an adverse situation.

Console Remediation Steps

  • Navigate to EC2.

  • In the left navigation, select Auto Scaling groups.

  • Choose an existing group from the list.

  • In Subnet(s), choose the subnet corresponding to the Availability Zone.

  • Click Save.

  • In the left navigation, select Load Balancers.

  • Choose your load balancer.

  • On the Description tab for Availability Zones, click Edit and add the subnets for the Availability Zone.

  • Click Save.

CLI Remediation Steps

  • Add a subnet to the Auto Scaling group.

    • aws autoscaling update-auto-scaling-group --auto-scaling-group-name my-asg --vpc-zone-identifier "subnet-41767929,subnet-cb663da2" --min-size 2

  • Verify that the instances in the new subnet are ready to accept traffic from the load balancer.

    • aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names my-asg

  • Enable the new subnet for your Application Load Balancer.

    • aws elbv2 set-subnets --load-balancer-arn my-lb-arn --subnets subnet-41767929 subnet-cb663da2
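
The verification step above can be automated over the JSON that describe-auto-scaling-groups returns. The following is an added example, not part of the original remediation steps: it flags groups configured for fewer than two Availability Zones and groups that are configured correctly but do not yet have healthy, in-service instances in two zones. The sample data is constructed, and the FAIL/PENDING/PASS labels and group names are assumptions of this example.

```python
import json
import sys

# Constructed sample: same shape as `describe-auto-scaling-groups` output,
# trimmed to the fields this check reads. Names and zones are made up.
SAMPLE = {"AutoScalingGroups": [
    {"AutoScalingGroupName": "my-asg",
     "AvailabilityZones": ["us-west-2a", "us-west-2b"],
     "Instances": [
         {"AvailabilityZone": "us-west-2a", "LifecycleState": "InService", "HealthStatus": "Healthy"},
         {"AvailabilityZone": "us-west-2b", "LifecycleState": "Pending", "HealthStatus": "Healthy"}]},
    {"AutoScalingGroupName": "single-az-asg",
     "AvailabilityZones": ["us-west-2a"],
     "Instances": [
         {"AvailabilityZone": "us-west-2a", "LifecycleState": "InService", "HealthStatus": "Healthy"}]},
    {"AutoScalingGroupName": "web-asg",
     "AvailabilityZones": ["us-west-2a", "us-west-2b"],
     "Instances": [
         {"AvailabilityZone": "us-west-2a", "LifecycleState": "InService", "HealthStatus": "Healthy"},
         {"AvailabilityZone": "us-west-2b", "LifecycleState": "InService", "HealthStatus": "Healthy"}]},
]}


def audit(doc, min_zones=2):
    """Return one finding per group. Status labels are this example's own:
    FAIL = fewer than min_zones configured, PENDING = configured but not yet
    serving from min_zones zones, PASS = healthy InService instances in enough zones."""
    findings = []
    for group in doc.get("AutoScalingGroups", []):
        configured = sorted(set(group.get("AvailabilityZones", [])))
        serving = sorted({
            inst["AvailabilityZone"] for inst in group.get("Instances", [])
            if inst.get("LifecycleState") == "InService"
            and inst.get("HealthStatus") == "Healthy"})
        if len(configured) < min_zones:
            status = "FAIL"
        elif len(serving) < min_zones:
            status = "PENDING"
        else:
            status = "PASS"
        findings.append({"group": group["AutoScalingGroupName"], "status": status,
                         "configured": configured, "serving": serving})
    return findings


if __name__ == "__main__":
    # Pass a saved JSON file as the first argument; without one the sample is used.
    doc = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for f in audit(doc):
        print(f"{f['status']:8}{f['group']}  configured={f['configured']}  serving={f['serving']}")
```

To run it against a real account, save the output of aws autoscaling describe-auto-scaling-groups --output json to a file and pass the file path as the first argument.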