ELB Application Load Balancer Deletion Protection Rule

This rule ensures that ELB application load balancers are protected from deletion by enabling deletion protection.

Rule: ELB application load balancer deletion protection should be enabled
Framework: CISA-cyber-essentials
Severity: High

Rule Description:

Under the CISA-cyber-essentials framework, the deletion protection feature of the AWS Elastic Load Balancer (ELB) application load balancer should be enabled. This rule ensures that accidental deletion or modification of the load balancer is prevented, providing an extra layer of security and preventing disruption to mission-critical services.

Troubleshooting Steps:

If deletion protection is not enabled for the ELB application load balancer, it can be manually enabled using the AWS Management Console or the AWS Command Line Interface (CLI). Follow the steps below to troubleshoot:

  1. Check Load Balancers:

    • Log in to the AWS Management Console.
    • Navigate to the EC2 service.
    • Click on "Load Balancers" in the left-hand menu.
    • Search for the specific ELB application load balancer associated with CISA-cyber-essentials.

  2. Verify Deletion Protection Status:

    • Select the load balancer from the list.
    • In the "Description" tab, locate the "Attributes" section.
    • Look for the "Deletion protection" attribute.
    • If the value is "Disabled", the deletion protection feature is not enabled and needs to be configured.

Code Example:

If deletion protection is not enabled for the ELB application load balancer, you can use the AWS CLI to enable it. Execute the following command in your terminal or command prompt:

aws elbv2 modify-load-balancer-attributes --load-balancer-arn <load_balancer_arn> --attributes Key=deletion_protection.enabled,Value=true

Make sure to replace <load_balancer_arn> with the actual Amazon Resource Name (ARN) of the ELB application load balancer that needs deletion protection.
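
To apply the same check and fix to every application load balancer in a region rather than one ARN at a time, the following script is an added example, not part of the original rule text or the vendor's tooling. It uses only the `aws elbv2` subcommands shown above plus `describe-load-balancers` and `describe-load-balancer-attributes`; the `--report` and `--fix` flags are this script's own.

```sh
#!/bin/sh
# Added example: audit and fix ALB deletion protection in the region the
# AWS CLI is currently configured for.
# The --report / --fix flags below belong to this script only.

# Print the ARN of every Application Load Balancer whose
# deletion_protection.enabled attribute is not "true".
unprotected_albs() {
    arns=$(aws elbv2 describe-load-balancers \
        --query "LoadBalancers[?Type=='application'].LoadBalancerArn" \
        --output text) || return 1
    for arn in $arns; do
        value=$(deletion_protection_value "$arn") || return 1
        [ "$value" = "true" ] || printf '%s\n' "$arn"
    done
}

# Read the current attribute value ("true" or "false") for one ARN.
deletion_protection_value() {
    aws elbv2 describe-load-balancer-attributes \
        --load-balancer-arn "$1" \
        --query "Attributes[?Key=='deletion_protection.enabled'].Value" \
        --output text
}

# Enable deletion protection for each ARN read from stdin, then re-read
# the attribute so a silent failure is reported instead of assumed fixed.
enable_deletion_protection() {
    rc=0
    while IFS= read -r arn; do
        [ -n "$arn" ] || continue
        aws elbv2 modify-load-balancer-attributes \
            --load-balancer-arn "$arn" \
            --attributes Key=deletion_protection.enabled,Value=true \
            >/dev/null || { echo "modify failed: $arn" >&2; rc=1; continue; }
        if [ "$(deletion_protection_value "$arn")" = "true" ]; then
            echo "enabled: $arn"
        else
            echo "still disabled: $arn" >&2; rc=1
        fi
    done
    return "$rc"
}

case "${1:-}" in
    --report) unprotected_albs ;;
    --fix)    unprotected_albs | enable_deletion_protection ;;
esac
```

Run it with `--report` first and review the list before using `--fix`; the calling identity needs the `elasticloadbalancing:Describe*` and `elasticloadbalancing:ModifyLoadBalancerAttributes` permissions.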

Remediation Steps:

To enable deletion protection for CISA-cyber-essentials' ELB application load balancer, follow these step-by-step instructions:

  1. Open the AWS Management Console.
  2. Navigate to the EC2 service.
  3. Click on "Load Balancers" in the left-hand menu.
  4. Search for the specific ELB application load balancer associated with CISA-cyber-essentials.
  5. Select the load balancer from the list.
  6. In the "Description" tab, locate the "Attributes" section.
  7. Look for the "Deletion protection" attribute.
  8. If the value is "Disabled", click on "Edit" next to the attribute.
  9. Select the checkbox to enable deletion protection and click "Save" to apply the changes.
  10. Verify that the deletion protection attribute is now set to "Enabled" for the load balancer.

By following these steps, you have successfully enabled deletion protection for the ELB application load balancer associated with CISA-cyber-essentials, providing an additional layer of security to prevent accidental deletion or modification.
