Json Yaml Access Logging Disabled
Description
Detects AWS Elastic Load Balancers (ELB) in CloudFormation templates that do not have access logging enabled. Without access logging, there is no audit trail of requests made to the load balancer, making it difficult to monitor for security incidents, troubleshoot issues, or meet compliance requirements.
Detection Strategy
• Identifies CloudFormation resources of type 'AWS::ElasticLoadBalancing::LoadBalancer'
• Checks if the LoadBalancer resource has an AccessLoggingPolicy property configured
• Reports a vulnerability if the AccessLoggingPolicy is missing or disabled
• Ensures each LoadBalancer has proper logging configuration for security auditing and monitoring
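The detection strategy above, implemented as a small template checker. This is an added example, not Fluid Attacks' own detector: it walks the Resources section of a CloudFormation template (JSON via the standard library, or YAML when PyYAML is installed, with CloudFormation's short-form intrinsic tags such as !Ref kept as opaque values) and reports every AWS::ElasticLoadBalancing::LoadBalancer whose AccessLoggingPolicy is absent or not enabled. The sample template at the bottom is constructed for the example; resource names in it are hypothetical.

```python
"""Flag classic ELBs in a CloudFormation template that lack access logging (added example)."""
import json
from typing import Any, Dict, List

ELB_TYPE = "AWS::ElasticLoadBalancing::LoadBalancer"


def load_template(text: str) -> Dict[str, Any]:
    """Parse a template given as JSON, or as YAML when the optional PyYAML package is present.

    CloudFormation YAML uses short-form intrinsic tags (!Ref, !Sub, !GetAtt, ...) that
    yaml.safe_load rejects, so a catch-all constructor turns them into plain values;
    their content is irrelevant to this check, only the resource tree matters.
    """
    try:
        return json.loads(text)
    except ValueError:
        pass
    try:
        import yaml  # optional dependency (PyYAML); only needed for YAML templates
    except ImportError as exc:
        raise ValueError("template is not JSON and PyYAML is not installed") from exc

    class CfnLoader(yaml.SafeLoader):
        pass

    def any_cfn_tag(loader, tag_suffix, node):
        if isinstance(node, yaml.ScalarNode):
            return loader.construct_scalar(node)
        if isinstance(node, yaml.SequenceNode):
            return loader.construct_sequence(node)
        return loader.construct_mapping(node)

    CfnLoader.add_multi_constructor("!", any_cfn_tag)
    return yaml.load(text, Loader=CfnLoader)


def check_elb_access_logging(template: Dict[str, Any]) -> List[Dict[str, str]]:
    """Return one finding per classic ELB whose AccessLoggingPolicy is missing or disabled."""
    findings: List[Dict[str, str]] = []
    resources = template.get("Resources") or {}
    for logical_id, resource in resources.items():
        # Only classic ELBs carry AccessLoggingPolicy; other resource types are skipped.
        if not isinstance(resource, dict) or resource.get("Type") != ELB_TYPE:
            continue
        props = resource.get("Properties") or {}
        policy = props.get("AccessLoggingPolicy")
        if not isinstance(policy, dict):
            findings.append({"resource": logical_id, "reason": "AccessLoggingPolicy is missing"})
            continue
        # CloudFormation accepts both the boolean true and the string "true".
        if str(policy.get("Enabled")).lower() != "true":
            findings.append({"resource": logical_id, "reason": "AccessLoggingPolicy.Enabled is not true"})
    return findings


# Constructed sample template (JSON so it parses without PyYAML); the three load
# balancers cover the missing, explicitly disabled, and correctly enabled cases.
SAMPLE_TEMPLATE = json.dumps({
    "Resources": {
        "NoPolicyLB": {
            "Type": ELB_TYPE,
            "Properties": {"Listeners": []},
        },
        "DisabledLB": {
            "Type": ELB_TYPE,
            "Properties": {
                "AccessLoggingPolicy": {"Enabled": False, "S3BucketName": "mybucket"},
                "Listeners": [],
            },
        },
        "LoggedLB": {
            "Type": ELB_TYPE,
            "Properties": {
                "AccessLoggingPolicy": {"Enabled": True, "S3BucketName": "mybucket", "EmitInterval": 5},
                "Listeners": [],
            },
        },
        "Bucket": {"Type": "AWS::S3::Bucket"},
    }
})


def sample_findings() -> List[Dict[str, str]]:
    """Run the check over the constructed sample template."""
    return check_elb_access_logging(load_template(SAMPLE_TEMPLATE))


if __name__ == "__main__":
    for finding in sample_findings():
        print(f"{finding['resource']}: {finding['reason']}")
```

The check deliberately treats a policy block with Enabled set to anything other than true as a finding, so a template that carries an AccessLoggingPolicy but leaves Enabled false (the vulnerable example below) is reported alongside one that omits the block entirely.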
Vulnerable code example

Resources:
  LoadBalancer:
    Type: AWS::ElasticLoadBalancing::LoadBalancer
    Properties:
      AccessLoggingPolicy:
        Enabled: false # Vulnerable: Access logging explicitly disabled
        S3BucketName: mybucket
      Listeners:...

✅ Secure code example
Resources:
  LoadBalancer:
    Type: AWS::ElasticLoadBalancing::LoadBalancer
    Properties:
      AccessLoggingPolicy:
        Enabled: true # Enable access logging for security auditing
        S3BucketName: mybucket
        EmitInterval: 5 # Log every 5 minutes for timely monitoring...