Rule: Application Load Balancer Deletion Protection Enabled

Ensure that deletion protection is enabled for Application Load Balancer to prevent accidental deletion.

Rule: Application Load Balancer deletion protection should be enabled
Framework: AWS Foundational Security Best Practices
Severity: Medium

Rule Description

This rule, part of AWS Foundational Security Best Practices, requires deletion protection to be enabled on every Application Load Balancer (ALB). With deletion protection enabled, the ALB cannot be deleted, whether accidentally or maliciously, until the attribute is explicitly turned off. Enabling it adds an extra layer of protection to your ALB infrastructure against unauthorized removal.

Troubleshooting Steps

No troubleshooting steps required for this rule.

Remediation

To enable deletion protection for your Application Load Balancer, follow the step-by-step guide below:

  1. Open the AWS Management Console and navigate to the EC2 dashboard.
  2. Select "Load Balancers" from the navigation pane on the left.
  3. Choose the Application Load Balancer that you want to enable deletion protection for.
  4. Click on the "Description" tab at the bottom of the page.
  5. In the "Attributes" section, locate the "Deletion Protection" setting.
  6. If deletion protection is not already enabled, click on the "Edit" button next to the setting.
  7. Check the box next to "Enable deletion protection."
  8. Click on the "Save" button to apply the changes.

CLI Command

If you prefer to use the AWS Command Line Interface (CLI) to enable deletion protection for your Application Load Balancer, follow the steps below:

  1. Open your preferred CLI tool or terminal.
  2. Run the following command to enable deletion protection for your ALB:

     aws elbv2 modify-load-balancer-attributes --load-balancer-arn <ALB_ARN> --attributes Key=deletion_protection.enabled,Value=true

     Make sure to replace <ALB_ARN> with the actual ARN (Amazon Resource Name) of your Application Load Balancer.
  3. Once the command is executed successfully, deletion protection will be enabled for your ALB.
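To check the setting across a whole account instead of one load balancer at a time, the following added example (not CloudDefense's or AWS's own code) lists the Application Load Balancers whose deletion_protection.enabled attribute is not "true". It assumes a boto3 "elbv2" client; FakeElbv2, PREFIX and the sample ARNs are constructed here so the check runs offline.

```python
ATTR = "deletion_protection.enabled"  # same key as in the CLI command above

def protection_enabled(attributes):
    """attributes: the 'Attributes' list from describe-load-balancer-attributes.
    Values are strings; a missing key counts as not protected."""
    values = {a["Key"]: a["Value"] for a in attributes}
    return values.get(ATTR, "false").lower() == "true"

def unprotected_albs(elbv2):
    """Return ARNs of Application Load Balancers lacking deletion protection.
    elbv2: a boto3 'elbv2' client, or any object exposing the same two calls."""
    findings = []
    for page in elbv2.get_paginator("describe_load_balancers").paginate():
        for lb in page["LoadBalancers"]:
            if lb.get("Type") != "application":  # the rule covers ALBs only
                continue
            arn = lb["LoadBalancerArn"]
            resp = elbv2.describe_load_balancer_attributes(LoadBalancerArn=arn)
            if not protection_enabled(resp["Attributes"]):
                findings.append(arn)
    return findings

class FakeElbv2:
    """Constructed stand-in for the boto3 client so the example runs offline."""
    def __init__(self, lbs):
        self.lbs = lbs  # {arn: (type, attributes)}

    def get_paginator(self, _operation):
        return self

    def paginate(self):
        yield {"LoadBalancers": [{"LoadBalancerArn": arn, "Type": lb_type}
                                 for arn, (lb_type, _) in self.lbs.items()]}

    def describe_load_balancer_attributes(self, LoadBalancerArn):
        return {"Attributes": self.lbs[LoadBalancerArn][1]}

PREFIX = "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/"
SAMPLE = FakeElbv2({  # constructed inventory, placeholder account ID
    PREFIX + "app/web/a1": ("application", [{"Key": ATTR, "Value": "true"}]),
    PREFIX + "app/api/b2": ("application", [{"Key": ATTR, "Value": "false"}]),
    PREFIX + "app/old/c3": ("application", []),  # attribute absent
    PREFIX + "net/tcp/d4": ("network", [{"Key": ATTR, "Value": "false"}]),
})

if __name__ == "__main__":
    print("\n".join(unprotected_albs(SAMPLE)))
```

Against a real account, pass boto3.client("elbv2") in place of SAMPLE; each ARN returned can then be fed to the modify-load-balancer-attributes command above.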

Conclusion

Enabling deletion protection for your Application Load Balancer adds an extra layer of security to prevent accidental or malicious deletions. By following the provided step-by-step guide or using the CLI command, you can easily enable deletion protection and enhance the security posture of your ALB infrastructure.
