New CloudGuard Dome9 Compliance Entity: AWS Auto Scaling Group
We added support for AWS Auto Scaling Group as entity in the Dome9 Compliance Engine.
AWS Auto Scaling allows to build scaling plans that automate how groups of resources respond to changes in demand. With the new entity it is now possible to reason on ASG configurations, making sure that the ASGs comply with the relevant policies. We also added reference from the EC2 instances to the relevant ASG, making it possible to check if an instance is connected to a scaling group and other checks.
- Make sure that an ASG is connected to at least one ELB/ALB/NLB
AutoScalingGroup should have elasticLoadBalancers or networkLoadBalancers or applicationLoadBalancers
- Make sure that web servers are scalable
Instance where tags contain [ key='web' ] should have autoScalingGroup