Rule: ELB Application Load Balancer Deletion Protection Enabled

Ensure deletion protection is enabled for ELB application load balancers to prevent accidental deletion.

Rule: ELB application load balancer deletion protection should be enabled
Framework: NIST Cybersecurity Framework (CSF) v1.1
Severity: High

Rule Description

The ELB (Elastic Load Balancer) application load balancer deletion protection should be enabled in compliance with the NIST Cybersecurity Framework (CSF) v1. This policy helps protect the application load balancer from accidental deletion, ensuring the availability and continuity of the services it provides.

Troubleshooting Steps

None

Necessary Codes

No specific codes required. Configuration changes can be made through the AWS Management Console or CLI.

Step-by-Step Guide for Remediation

Follow the steps below to enable deletion protection for an ELB application load balancer:

  1. Log in to the AWS Management Console.
  2. Go to the EC2 service.
  3. Navigate to the "Load Balancers" section.
  4. Select the application load balancer you want to enable deletion protection for.
  5. Verify that you have the necessary permissions to make changes to the load balancer.
  6. Click on the "Attributes" tab.
  7. Scroll down to the "General configuration" section.
  8. Locate the "Deletion protection" option and ensure that it is set to "Enabled".
  9. If the deletion protection is not enabled, click on the "Edit" button next to it.
  10. In the pop-up window, check the box next to "Enable deletion protection" and click on the "Save" button.
  11. Wait for the changes to take effect. The application load balancer is now protected from accidental deletion.

Note: If you prefer to use the AWS CLI for enabling deletion protection, you can use the following command:

aws elbv2 modify-load-balancer-attributes --load-balancer-arn <load_balancer_arn> --attributes Key=deletion_protection.enabled,Value=true

Make sure to replace <load_balancer_arn> with the actual ARN (Amazon Resource Name) of your application load balancer.
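
The console and CLI steps above handle one load balancer at a time. The following added example (not part of the original page, and not CloudDefense's or AWS's own code) audits every application load balancer in the configured region and, when asked, applies the same modify-load-balancer-attributes call to those that fail. It assumes an AWS CLI with credentials and a default region already configured; the function names and the --fix argument are hypothetical.

```shell
#!/bin/sh
# Added example: audit deletion protection on every ALB in the configured region.
# Assumes the AWS CLI is installed with credentials and a default region set.
# Function names and the "--fix" argument are hypothetical, chosen for this example.

# Print the ARNs of all load balancers whose Type is "application".
list_alb_arns() {
  aws elbv2 describe-load-balancers \
    --query "LoadBalancers[?Type=='application'].LoadBalancerArn" \
    --output text
}

# Print the value ("true" or "false") of deletion_protection.enabled for one ARN.
deletion_protection_state() {
  aws elbv2 describe-load-balancer-attributes --load-balancer-arn "$1" \
    --query "Attributes[?Key=='deletion_protection.enabled'].Value" \
    --output text
}

# Print PASS/FAIL/FIXED/ERROR per ALB. With "--fix", enable protection where off.
# Returns 0 only if every ALB ends up protected, 2 if the listing call fails.
audit_alb_deletion_protection() {
  fix="${1:-}"
  rc=0
  arns="$(list_alb_arns)" || return 2
  # ARNs contain no whitespace, so word splitting on tabs/newlines is safe here.
  for arn in $arns; do
    if ! state="$(deletion_protection_state "$arn")"; then
      echo "ERROR $arn"; rc=1; continue
    fi
    if [ "$state" = "true" ]; then
      echo "PASS $arn"
    elif [ "$fix" = "--fix" ] && aws elbv2 modify-load-balancer-attributes \
        --load-balancer-arn "$arn" \
        --attributes Key=deletion_protection.enabled,Value=true >/dev/null; then
      echo "FIXED $arn"
    else
      echo "FAIL $arn"; rc=1
    fi
  done
  return "$rc"
}
```

Run audit_alb_deletion_protection with no argument for a report-only check (a non-zero return means at least one load balancer is unprotected), or with --fix to remediate. The check covers one region per run, so repeat it for each region in use.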

Conclusion

By enabling deletion protection for your ELB application load balancer, you ensure that it cannot be accidentally deleted, promoting the security and availability of your services. Following the provided steps, either through the AWS Management Console or CLI, allows you to easily comply with the NIST Cybersecurity Framework (CSF) v1 guidelines.
