Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Why do my Beanstalk environments continue to use AutoScaling LaunchConfiguration even after I configure the required settings to use ec2 launch template?

0

Even after configuring the necessary options for the environment to use the ec2 launch template, such as disabled IMDSv1 and gp3 volume type, the environment still uses the AutoScaling LaunchConfiguration, which should not happen according to the documentation: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-cfg-autoscaling-launch-templates.html

This issue is being reported in Security Hub, in the following control https://docs.aws.amazon.com/securityhub/latest/userguide/autoscaling-controls.html#autoscaling-3

CloudFormation also shows that the environment is using it. How can I fix this and make the environment use the Ec2 Launch Template?

Topics
Management & GovernanceComputeSecurity, Identity, & Compliance
Tags
AWS Security HubAWS CloudFormationAWS Elastic Beanstalk
Language
English
asked 9 months ago104 views
2 Answers
0

Thanks for flagging this — I’ve seen similar issues even when the correct LaunchTemplate options are set. One thing that helped was verifying the platform version and re-deploying the environment after configuration changes. Have you checked if a new environment using the same settings defaults to the launch template correctly?

answered 9 months ago
  • Pablo
    9 months ago

    Hello! Thanks for the answer, it helped me find a "reason" for what was happening.

    In my case, I create the resources through terraform, so the "problem" is that, even though IMDSv1 is disabled by default using the Amazon Linux 2023 image, I needed to explicitly set the DisableIMDSv1 option to true (I don't think this should happen). Reference: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-autoscalinglaunchconfiguration

    I believe that what caused this issue was using the InstanceType option in the aws:autoscaling:launchconfiguration namespace instead of InstanceTypes in aws:ec2:instances (which doesn't seem like a fair reason for this issue, since assigning an IamInstanceProfile is only possible through the aws:autoscaling:launchconfiguration namespace, unless I misunderstood (: )

    Now, for the environments that were created manually with the same settings mentioned, I don't know exactly what the reason was, since they were recently created environments.

    For these environments, enabling Combine purchasing options and instances and then disabling it solved my problem, but I also believe that it is not the best way to handle or solve this problem.

0

Hi Pablo, thanks for the thoughtful follow-up and link! It’s helpful to know Terraform was the provisioning layer. That subtle switch between aws:autoscaling:launchconfiguration and aws:ec2:instances definitely seems to be a trigger for this behavior, even when other settings are correctly applied.

Interesting that toggling “Combine purchasing options and instances” resolved the issue manually — definitely feels like a workaround rather than a long-term solution.

Glad my note helped surface some clarity on what was going on. Appreciate you sharing the extra context!

—TheQuietBuilder

answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content