Rule: ELB Application Load Balancer Deletion Protection Enabled
This rule requires enabling deletion protection for ELB application load balancers to enhance security and prevent accidental deletion.
| Rule | ELB application load balancer deletion protection should be enabled |
| Framework | NIST 800-53 Revision 5 |
| Severity | ✔ High |
Rule Description
The ELB (Elastic Load Balancer) application load balancer deletion protection should be enabled to meet the NIST 800-53 Revision 5 security controls. Enabling deletion protection ensures that accidental or unauthorized deletion of the load balancer does not occur. This helps maintain the availability and integrity of the application load balancer, preventing potential disruption of traffic and ensuring the security of the system.
Troubleshooting Steps (if applicable)
If deletion protection is not enabled for the ELB application load balancer, follow these troubleshooting steps:
- 1.
Identify the problematic load balancer: Use the AWS Management Console, AWS CLI, or AWS SDKs to identify the specific ELB application load balancer that does not have deletion protection enabled.
- 2.
Verify user permissions: Ensure that the user performing these steps has the necessary permissions to modify the deletion protection setting for the load balancer.
- 3.
Check load balancer settings: Verify that the load balancer is not already deleted or in a state where modification is not allowed.
- 4.
Enable deletion protection: If deletion protection is currently disabled, perform the following steps to enable it.
Necessary Codes (if applicable)
No codes are necessary for this particular rule.
Step-by-Step Guide for Remediation
To enable deletion protection for the ELB application load balancer, follow these steps:
- 1.
Access the AWS Management Console: Login to the AWS Management Console using your credentials.
- 2.
Navigate to the Load Balancer section: From the AWS Management Console dashboard, go to the "Services" dropdown menu and select "EC2".
- 3.
Select Load Balancers: In the EC2 dashboard, navigate to the "Load Balancers" section.
- 4.
Choose the affected Application Load Balancer: Locate the specific ELB application load balancer that needs deletion protection enabled.
- 5.
Select Edit Load Balancer: Select the load balancer and click on the "Actions" dropdown menu, then choose "Edit Load Balancer".
- 6.
Enable Deletion Protection: In the "General configuration" tab, scroll down to the "Deletion protection" section.
- 7.
Toggle the deletion protection setting: Toggle the deletion protection setting to "Enabled".
- 8.
Save Changes: Click on the "Save" button to save the changes made to the load balancer.
- 9.
Verify Deletion Protection: Verify that deletion protection is now enabled for the ELB application load balancer.
By following these steps, you will have successfully enabled deletion protection for the ELB application load balancer to meet the NIST 800-53 Revision 5 security control requirement.