The ELB does not have access logging enabled

Description

These access logs can be used to analyze traffic patterns and troubleshoot security and operational issues.
Access logging is an optional feature of ELB that is disabled by default.

Fix - Runtime

AWS Console

TBA

CLI Command

Fix - Buildtime

Terraform

• Resource: aws_elb
• Argument: access_logs

resource "aws_elb" "example" {
  ...
  name = "test-lb-tf"
+  access_logs {
+     bucket  = aws_s3_bucket.lb_logs.bucket
+     enabled = true
+  }
}

CloudFormation

• Resource: AWS::ElasticLoadBalancing::LoadBalancer
• Argument: Properties.AccessLoggingPolicy.Enabled

Resources:
  Resource0:
    Type: 'AWS::ElasticLoadBalancing::LoadBalancer'
    Properties:
      ...
      AccessLoggingPolicy:
        ...
+       Enabled: true