Enable ELB Application Load Balancer Deletion Protection Rule

Ensure protection by enabling deletion protection for ELB application load balancers.

Rule: ELB application load balancer deletion protection should be enabled
Framework: FedRAMP Low Revision 4
Severity: High

Rule Description:

ELB (Elastic Load Balancer) application load balancer deletion protection should be enabled for systems that adhere to the FedRAMP (Federal Risk and Authorization Management Program) Low Revision 4 security compliance level. This rule helps to prevent accidental or unauthorized deletion of the load balancer, ensuring the availability and integrity of the associated resources.

Troubleshooting Steps:

If deletion protection is not enabled on an ELB application load balancer that should adhere to the FedRAMP Low Revision 4 security compliance level, follow these troubleshooting steps:

  1. Verify the current state of the deletion protection setting for the load balancer.
  2. If deletion protection is disabled, proceed to enable it.
  3. Once enabled, verify that the deletion protection is now active for the load balancer.

Necessary Codes:

No custom code is required to enable deletion protection for ELB application load balancers. The setting can be changed through the AWS Management Console or the AWS CLI (Command Line Interface).

Step-by-step Guide for Remediation:

  1. AWS Management Console:

    • Log in to the AWS Management Console.
    • Navigate to the EC2 service.
    • Click on "Load Balancers" in the left-hand menu.
    • Select the appropriate application load balancer that should adhere to the FedRAMP Low Revision 4 security compliance level.
    • In the "Description" tab, verify the current state of the deletion protection setting. If it's not already enabled, proceed to the next step.
    • Click on the "Attributes" tab.
    • Look for the "Deletion protection" option and click on the "Edit" button next to it.
    • Enable the deletion protection for the load balancer.
    • Click on "Save" to apply the changes.
    • Verify that the deletion protection is now active for the load balancer.
  2. AWS CLI:

    • Install and configure the AWS CLI on your computer, if you haven't already.
    • Open the command-line interface.
    • Use the following command to enable deletion protection for an ELB application load balancer (replace <load-balancer-arn> with the ARN of the load balancer):
      aws elbv2 modify-load-balancer-attributes --load-balancer-arn <load-balancer-arn> --attributes Key=deletion_protection.enabled,Value=true
    • Verify the command executed successfully and the deletion protection is now enabled for the load balancer.

Note: Ensure that you have the necessary permissions to modify the load balancer attributes in the AWS IAM (Identity and Access Management).
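
The verify, enable, verify sequence above as a shell sketch that also audits every application load balancer in the current region. This is an added example, not code from the original page or from AWS; the function names are hypothetical, and it assumes a configured AWS CLI whose identity is allowed elasticloadbalancing:DescribeLoadBalancers, elasticloadbalancing:DescribeLoadBalancerAttributes and elasticloadbalancing:ModifyLoadBalancerAttributes.

```bash
#!/usr/bin/env bash
# Added example; function names are hypothetical, the AWS CLI calls are real.

# ARNs of all application load balancers in the current region, one per line.
list_alb_arns() {
  aws elbv2 describe-load-balancers \
    --query "LoadBalancers[?Type=='application'].LoadBalancerArn" \
    --output text | tr '\t' '\n'
}

# Prints "true" or "false" for the given load balancer ARN.
get_deletion_protection() {
  aws elbv2 describe-load-balancer-attributes \
    --load-balancer-arn "$1" \
    --query "Attributes[?Key=='deletion_protection.enabled'].Value | [0]" \
    --output text
}

# Prints the ARN of every ALB whose deletion protection is not "true".
# An ALB whose attributes cannot be read is reported as well.
audit_albs() {
  list_alb_arns | while read -r arn; do
    [ -n "$arn" ] || continue
    [ "$(get_deletion_protection "$arn")" = "true" ] || echo "$arn"
  done
}

# Verify, enable if needed, then verify again.
# Prints already-enabled | enabled | failed; returns 2 on an AWS CLI error.
ensure_deletion_protection() {
  local arn="$1" state
  state="$(get_deletion_protection "$arn")" || return 2
  if [ "$state" = "true" ]; then
    echo "already-enabled"
    return 0
  fi
  aws elbv2 modify-load-balancer-attributes \
    --load-balancer-arn "$arn" \
    --attributes Key=deletion_protection.enabled,Value=true >/dev/null || return 2
  state="$(get_deletion_protection "$arn")" || return 2
  if [ "$state" = "true" ]; then
    echo "enabled"
    return 0
  fi
  echo "failed"
  return 1
}

# Usage: audit_albs | while read -r arn; do ensure_deletion_protection "$arn"; done
```

Running audit_albs on its own gives a read-only compliance report; the remediation loop in the usage comment changes only the load balancers that the audit flags.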

By following the above steps, you can enable deletion protection for the ELB application load balancer, ensuring compliance with the FedRAMP Low Revision 4 security standards.
