Triage VPC Endpoint Unused Traffic Detection NEW_CONNECTIONS_BELOW_THRESHOLD
Triage Guide: New Connections Below Threshold
0) Understand
Why should I care about fixing this issue?
- Endpoints without new connections for a long time might be unneeded.
1) Validate
How am I sure that this alert is true and accurate?
- Check the CloudWatch NewConnections metric for your VPC Endpoint manually in the AWS Console.
Does this policy scan on a schedule or is it reactive?
- It runs on a 12-hour interval.
2) Triage
What is the impact if it is unfixed?
- The cost for an unused resource continues to accrue.
Does this problem get worse over time if it is unaddressed?
- The financial cost may increase if the endpoint remains idle.
Can remediation cause outages or downtime to any other running service?
- It is not expected, given the endpoint has no traffic.
3) Act
What do I do to fix this alarm?
- Confirm the lack of activity and consider decommissioning the VPC Endpoint.
4) Reflect
What should I do if this alarm wasn't a good use of time?
- Re-evaluate the necessity of the endpoint or modify the traffic thresholds.
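
A scripted version of the Validate step, for checking NewConnections outside the console. This is an added example, not part of the policy or the original guide; the function names, the 14-day window and the threshold of 1 are assumptions, so substitute the values your policy is configured with.

```python
from datetime import datetime, timedelta, timezone

NAMESPACE = "AWS/PrivateLinkEndpoints"  # CloudWatch namespace for VPC endpoint metrics
METRIC = "NewConnections"

def new_connections(cw, endpoint_id, lookback_days=14, now=None):
    """Return {dimension-set: summed NewConnections} for one endpoint.

    lookback_days is an assumed window. ListMetrics only returns series that
    reported data in roughly the last two weeks, so longer windows can miss some.
    """
    end = now or datetime.now(timezone.utc)
    start = end - timedelta(days=lookback_days)
    totals = {}
    # Discover the dimension sets CloudWatch actually holds instead of guessing them.
    pages = cw.get_paginator("list_metrics").paginate(
        Namespace=NAMESPACE, MetricName=METRIC,
        Dimensions=[{"Name": "VPC Endpoint Id", "Value": endpoint_id}])
    for page in pages:
        for metric in page["Metrics"]:
            stats = cw.get_metric_statistics(
                Namespace=NAMESPACE, MetricName=METRIC,
                Dimensions=metric["Dimensions"],
                StartTime=start, EndTime=end,
                Period=86400, Statistics=["Sum"])  # one datapoint per day
            key = tuple(sorted((d["Name"], d["Value"]) for d in metric["Dimensions"]))
            totals[key] = sum(p["Sum"] for p in stats["Datapoints"])
    return totals

def verdict(totals, threshold=1):
    """Classify the endpoint; threshold is an assumed value, not the policy's."""
    if not totals:
        # No series found: nothing published recently, or wrong region/endpoint ID.
        return "NO_DATA"
    # Assumption: per-subnet series are subsets of the endpoint-level series,
    # so compare the largest total rather than adding them up.
    return "BELOW_THRESHOLD" if max(totals.values()) < threshold else "ACTIVE"

if __name__ == "__main__":
    import sys
    import boto3  # needs cloudwatch:ListMetrics and cloudwatch:GetMetricStatistics
    result = new_connections(boto3.client("cloudwatch"), sys.argv[1])
    for dims, total in result.items():
        print(dict(dims), total)
    print(verdict(result))
```

Treat `NO_DATA` as a prompt to recheck the region and endpoint ID before decommissioning, since it does not distinguish an idle endpoint from a mistyped one.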