How can I stop Route 53 health check requests that are sent to my application?

Short description

You can configure Route 53 health checks against any public resource. If your application is receiving health check requests from Route 53 when you haven't configured health checks on your application, the cause might be:

1. A health check was mistakenly configured against your application by another customer.
2. A health check was configured from your account for testing purposes but wasn't deleted when testing was complete.
3. A health check was configured against another customer's public AWS resources. However, the IP addresses of those resources were reassigned to your AWS resources. In this scenario, the health check was configured on the reassigned IP addresses. If the health check was based on domain names, the requests were sent due to DNS caching.
4. The Elastic Load Balancing service updated its public IP addresses due to scaling, and the IP addresses were reassigned to your load balancer.

Resolution

To stop unwanted health checks requests from Route 53:

1. Find the ID of the unwanted health check by reviewing your application logs. For more information, see How can I identify and resolve unwanted health checks from Route 53?
2. Contact AWS. If you have an AWS Support plan, create a support case. If you don't have an AWS Support plan, complete the Stop unwanted Amazon Route 53 health checks form. In both scenarios, be sure to include the health check ID that you found in step 1.
3. (Optional) Block the health check IP address ranges in your firewall. To find the IP address ranges for each AWS Region used by the Route 53 health check service, see the IP ranges JSON file. In the JSON file, search for "ROUTE53_HEALTHCHECKS". For more information, see Configuring router and firewall rules for Amazon Route 53 health checks.