
Use Case for AWS NLB Low Traffic Policy


AWS NLB Low Traffic Policy

When running mission-critical services with AWS Network Load Balancers (NLBs), it's important to monitor the traffic levels to ensure they align with expected patterns. This policy is designed to identify NLBs that have processed an unusually low number of bytes over a given period of time.

Why Use This Policy?

Pros:

  • Cost Optimization: Identifying underutilized NLBs may lead to cost savings by allowing you to optimize your network architecture.
  • Performance Management: Low traffic could indicate a performance issue or a lack of demand for the service.
  • Security Implications: An unexpected drop in traffic could signify potential security issues such as a DoS attack affecting availability.

Cons:

  • False Positives: The policy might flag NLBs undergoing temporary maintenance or experiencing seasonal dips in traffic.

How The Policy Works

The policy uses the CloudWatch ProcessedBytes metric to calculate the average bytes processed per day for a given NLB over N days, where N is daysToCheck. It defines two variables:

  • bytesThreshold: The minimum acceptable average bytes processed per day (default 0 bytes/day).
  • daysToCheck: The number of days over which to calculate the average bytes processed (default 30 days).

If the average bytes processed falls below the bytesThreshold, the policy flags the NLB as a violation.
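The check described above, as an added Python sketch (not the policy's own code). It assumes "falls below" means strictly less than, that days without a CloudWatch datapoint count as zero bytes, and a constructed load balancer dimension value; the function names are hypothetical.

```python
from datetime import datetime, timedelta, timezone

def metric_query(nlb_dimension, days_to_check=30, now=None):
    """Build CloudWatch GetMetricStatistics parameters: one Sum per day."""
    end = (now or datetime.now(timezone.utc)).replace(minute=0, second=0, microsecond=0)
    return {
        "Namespace": "AWS/NetworkELB",
        "MetricName": "ProcessedBytes",
        "Dimensions": [{"Name": "LoadBalancer", "Value": nlb_dimension}],
        "StartTime": end - timedelta(days=days_to_check),
        "EndTime": end,
        "Period": 86400,          # one datapoint per day
        "Statistics": ["Sum"],
    }

def evaluate(datapoints, bytes_threshold=0, days_to_check=30):
    """Return (average bytes per day, violationTypeId or None)."""
    total = sum(dp["Sum"] for dp in datapoints)
    # Divide by daysToCheck, not len(datapoints): CloudWatch returns no
    # datapoint for a day with no data, so averaging only the returned
    # days would hide an NLB that was idle for most of the window.
    average = total / days_to_check
    # Assumption: strict comparison, as a literal reading of "falls below".
    # Under that reading the default threshold of 0 never flags anything.
    violation = "LOW_BYTES_PROCESSED" if average < bytes_threshold else None
    return average, violation

def fetch_datapoints(nlb_dimension, days_to_check=30):
    """Live query; needs boto3 and AWS credentials. Not called at import."""
    import boto3
    cw = boto3.client("cloudwatch")
    return cw.get_metric_statistics(**metric_query(nlb_dimension, days_to_check))["Datapoints"]

# Constructed sample: traffic on only 3 of the last 30 days.
SAMPLE = [
    {"Timestamp": datetime(2024, 1, d, tzinfo=timezone.utc), "Sum": 1_000_000.0, "Unit": "Bytes"}
    for d in (1, 2, 3)
]

if __name__ == "__main__":
    print(metric_query("net/example-nlb/0123456789abcdef")["MetricName"])
    print(evaluate(SAMPLE, bytes_threshold=500_000))  # flagged
    print(evaluate([], bytes_threshold=0))            # not flagged at the default
```

Averaging only the three returned datapoints would give 1,000,000 bytes/day and miss the violation that the 30-day average exposes.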

Violation Types

  • LOW_BYTES_PROCESSED: Indicates that the NLB has processed fewer bytes than the defined threshold. This is the only violationTypeId used in this policy.