Checks whether an HTTPS listener is enabled on the specified port for a Server Load Balancer (SLB) instance.
Scenario
HTTPS listeners for SLB instances can encrypt connections and block unauthorized access.
Risk level
Default risk level: high.
You can change the risk level as required when you apply this rule.
Compliance evaluation logic
- If an HTTPS listener is enabled on the specified port for an SLB instance, the evaluation result is compliant.
- If no HTTPS listener is enabled on the specified port for an SLB instance, the evaluation result is non-compliant. For more information about how to correct the non-compliant configuration, see Non-compliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | slb-listener-https-enabled |
| Rule ID | slb-listener-https-enabled |
| Tag | SLB and LoadBalancer |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | SLB instance |
| Input parameter | listenerPort. Default value: 443.
|
Non-compliance remediation
Enable an HTTPS listener on the specified port for the SLB instance. For more information, see Add an HTTPS listener.