turbot/steampipe-mod-aws-compliance

Control: ELB application, network, and gateway load balancers should span multiple availability zones

Description

This control checks whether an Elastic Load Balancer V2 (Application, Network, or Gateway Load Balancer) has registered instances from multiple Availability Zones. The control fails if an Elastic Load Balancer V2 has instances registered in fewer than two Availability Zones.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.elb_application_gateway_network_lb_multiple_az_configured

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.elb_application_gateway_network_lb_multiple_az_configured --share

SQL

This control uses a named query:

select
  arn as resource,
  case
    when jsonb_array_length(availability_zones) < 2 then 'alarm'
    else 'ok'
  end as status,
  title || ' has ' || jsonb_array_length(availability_zones) || ' availability zone(s).' as reason,
  region,
  account_id
from
  aws_ec2_application_load_balancer
union
select
  arn as resource,
  case
    when jsonb_array_length(availability_zones) < 2 then 'alarm'
    else 'ok'
  end as status,
  title || ' has ' || jsonb_array_length(availability_zones) || ' availability zone(s).' as reason,
  region,
  account_id
from
  aws_ec2_network_load_balancer
union
select
  arn as resource,
  case
    when jsonb_array_length(availability_zones) < 2 then 'alarm'
    else 'ok'
  end as status,
  title || ' has ' || jsonb_array_length(availability_zones) || ' availability zone(s).' as reason,
  region,
  account_id
from
  aws_ec2_gateway_load_balancer;
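The same check, re-implemented in Python as an added example (this is not code from the steampipe-mod-aws-compliance mod). It evaluates the control's status and reason strings against records shaped like the LoadBalancers entries returned by the ELBv2 describe_load_balancers API, so the rule can be unit-tested offline without a Steampipe connection. Assumptions: LoadBalancerName stands in for the Steampipe title column, zones are counted by distinct ZoneName rather than by raw array length, and a load balancer with no AvailabilityZones entries is treated as zero zones and therefore alarms. All load balancer records in the block are constructed.

```python
"""Offline re-implementation of the multi-AZ check for ELBv2 load balancers.

Added example; not part of turbot/steampipe-mod-aws-compliance. Records are
shaped like the `LoadBalancers` items of the ELBv2 describe_load_balancers
response. Every record below is constructed sample data.
"""

from typing import Any

# Constructed sample records (hypothetical account, names and subnets).
SAMPLE_LOAD_BALANCERS: list[dict[str, Any]] = [
    {
        "LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/app/web-alb/0123456789abcdef",
        "LoadBalancerName": "web-alb",
        "Type": "application",
        "AvailabilityZones": [
            {"ZoneName": "us-east-1a", "SubnetId": "subnet-0aaaaaaaaaaaaaaa1"},
            {"ZoneName": "us-east-1b", "SubnetId": "subnet-0bbbbbbbbbbbbbbb2"},
        ],
    },
    {
        "LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/net/api-nlb/fedcba9876543210",
        "LoadBalancerName": "api-nlb",
        "Type": "network",
        "AvailabilityZones": [
            {"ZoneName": "us-east-1a", "SubnetId": "subnet-0aaaaaaaaaaaaaaa1"},
        ],
    },
    {
        "LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/gwy/inspect-gwlb/0011223344556677",
        "LoadBalancerName": "inspect-gwlb",
        "Type": "gateway",
        # Edge case: no zones listed at all. The SQL's jsonb_array_length would
        # yield 0 here; we treat a missing list the same way.
        "AvailabilityZones": [],
    },
]

# The control covers exactly these ELBv2 types.
ELBV2_TYPES = {"application", "network", "gateway"}


def zone_count(lb: dict[str, Any]) -> int:
    """Number of distinct Availability Zones the load balancer is configured in."""
    zones = lb.get("AvailabilityZones") or []
    return len({az["ZoneName"] for az in zones if az.get("ZoneName")})


def evaluate(lb: dict[str, Any]) -> dict[str, str]:
    """Mirror the control: fewer than two zones is 'alarm', otherwise 'ok'."""
    n = zone_count(lb)
    status = "alarm" if n < 2 else "ok"
    # Same reason text the SQL builds from title and the zone count.
    reason = f"{lb['LoadBalancerName']} has {n} availability zone(s)."
    return {
        "resource": lb["LoadBalancerArn"],
        "type": lb["Type"],
        "status": status,
        "reason": reason,
    }


def run_control(load_balancers: list[dict[str, Any]]) -> list[dict[str, str]]:
    """Evaluate every ALB, NLB and GWLB record; other types are skipped."""
    return [evaluate(lb) for lb in load_balancers if lb.get("Type") in ELBV2_TYPES]


def summarize(results: list[dict[str, str]]) -> dict[str, int]:
    """Count results per status, the way a control run reports totals."""
    counts = {"ok": 0, "alarm": 0}
    for r in results:
        counts[r["status"]] += 1
    return counts


def fetch_live_load_balancers(region_name: str) -> list[dict[str, Any]]:
    """Optional: pull real records with boto3 (imported lazily so the rest runs offline).

    Uses the elbv2 describe_load_balancers paginator; credentials come from the
    normal boto3 credential chain.
    """
    import boto3  # assumed available only when this function is called

    client = boto3.client("elbv2", region_name=region_name)
    records: list[dict[str, Any]] = []
    for page in client.get_paginator("describe_load_balancers").paginate():
        records.extend(page["LoadBalancers"])
    return records


if __name__ == "__main__":
    findings = run_control(SAMPLE_LOAD_BALANCERS)
    for f in findings:
        print(f"{f['status']:5}  {f['type']:11}  {f['reason']}")
    print(summarize(findings))
```

Run the block as-is to see the three constructed findings (one ok, two alarms); swap `SAMPLE_LOAD_BALANCERS` for `fetch_live_load_balancers("us-east-1")` to evaluate a real region with the same logic.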

Tags