More Info:

Ensure that the Enhanced Health Reporting feature is enabled for all Amazon Elastic Beanstalk (EB) environments provisioned in your AWS account.

Risk Level

Medium

Address

Operational Maturity, Reliability

Compliance Standards

HIPAA

Triage and Remediation

Remediation

Using Console

To remediate the misconfiguration “Ensure Enhanced Health Reporting Is Enabled For Elastic Beanstalk Environments” for AWS using the AWS console, please follow the below steps:
  1. Log in to the AWS Management Console.
  2. Go to the Elastic Beanstalk console.
  3. Select the desired environment for which you want to enable enhanced health reporting.
  4. In the left navigation pane, click on “Configuration”.
  5. Scroll down to the “Monitoring” section and click on “Edit”.
  6. In the “Health reporting” section, select “Enhanced” from the drop-down menu.
  7. Click on “Apply” to save the changes.
  8. Verify that the enhanced health reporting is enabled by checking the “Health” tab in the Elastic Beanstalk console.
Once these steps are completed, the misconfiguration “Ensure Enhanced Health Reporting Is Enabled For Elastic Beanstalk Environments” will be remediated for the selected Elastic Beanstalk environment in AWS.

To remediate the misconfiguration “Ensure Enhanced Health Reporting Is Enabled For Elastic Beanstalk Environments” in AWS using AWS CLI, follow the below steps:
  1. Open the AWS CLI and run the following command to enable enhanced health reporting for Elastic Beanstalk environments:
aws elasticbeanstalk update-environment --environment-name <environment-name> --option-settings Namespace=aws:elasticbeanstalk:healthreporting:system,OptionName=SystemType,Value=enhanced
Replace <environment-name> with the name of the Elastic Beanstalk environment for which you want to enable enhanced health reporting.
  1. Once the command is executed successfully, the enhanced health reporting feature will be enabled for the Elastic Beanstalk environment.
  2. You can verify the status of enhanced health reporting by running the following command: 
aws elasticbeanstalk describe-environments --environment-names <environment-name> --query "Environments[*].OptionSettings[?OptionName=='HealthType'].Value" --output text
Replace <environment-name> with the name of the Elastic Beanstalk environment for which you want to verify the status of enhanced health reporting.
  1. If the output of the above command is “enhanced”, then enhanced health reporting is enabled for the Elastic Beanstalk environment.
By following the above steps, you can successfully remediate the misconfiguration “Ensure Enhanced Health Reporting Is Enabled For Elastic Beanstalk Environments” in AWS using AWS CLI.
To remediate the misconfiguration “Ensure Enhanced Health Reporting Is Enabled For Elastic Beanstalk Environments” in AWS using Python, you can follow the below steps:
  1. Open the AWS Management Console and navigate to Elastic Beanstalk.
  2. Select the Elastic Beanstalk environment for which you want to enable Enhanced Health Reporting.
  3. Click on the Configuration tab and then select the Health reporting option.
  4. In the Health reporting section, select the Enhanced option.
  5. Click on the Save button to save the changes.
  6. Use the AWS SDK for Python (Boto3) to enable Enhanced Health Reporting for Elastic Beanstalk environments programmatically.
  7. Install the Boto3 library by running the following command in your command prompt or terminal: 
pip install boto3
  1. Create a Python script and import the Boto3 library.
import boto3
  1. Create an Elastic Beanstalk client using the Boto3 library.
eb_client = boto3.client('elasticbeanstalk')
  1. Use the update_environment method to update the environment with the Enhanced Health Reporting enabled.
eb_client.update_environment(
    ApplicationName='your-application-name',
    EnvironmentName='your-environment-name',
    OptionSettings=[
        {
            'Namespace': 'aws:elasticbeanstalk:healthreporting:system',
            'OptionName': 'SystemType',
            'Value': 'enhanced'
        }
    ]
)
  1. Replace the your-application-name and your-environment-name with your actual application name and environment name.
  2. Run the Python script to enable Enhanced Health Reporting for the Elastic Beanstalk environment.
After following these steps, Enhanced Health Reporting will be enabled for the Elastic Beanstalk environment in AWS.

Additional Reading: