Ensures that deletion protection is enabled for AWS Network Firewall firewalls, preventing accidental removal and enhancing security.
| Field | Value |
|---|---|
| Rule | Network Firewall firewalls should have deletion protection enabled |
| Framework | AWS Foundational Security Best Practices |
| Severity | Medium |
Description:
Enabling deletion protection on an AWS Network Firewall firewall is a recommended security best practice that prevents accidental or unauthorized deletion of a critical resource. While deletion protection is enabled, a request to delete the firewall is rejected until the protection is explicitly turned off, which adds a safeguard for the availability and continuity of your network firewall configuration.
Troubleshooting Steps:
If deletion protection is not enabled for your Network Firewall, follow these steps to remediate the issue:
1. Identify the Network Firewall in the AWS console: navigate to the AWS Management Console and locate the Network Firewall that requires deletion protection.
2. Enable deletion protection: modify the settings of that firewall and turn deletion protection on.
Necessary Codes:
No specific code is required to enable deletion protection for Network Firewall; it can be done directly through the AWS Management Console.
Remediation Steps:
1. Log in to the AWS Management Console: https://aws.amazon.com/console/
2. Navigate to the Network Firewall service in the AWS Management Console.
3. Select the firewall: choose the specific Network Firewall for which you want to enable deletion protection.
4. Enable deletion protection: find the deletion protection setting for the selected firewall and enable it.
5. Verify: confirm that deletion protection is now enabled by checking the firewall's settings or properties.
By following these steps, you can ensure that deletion protection is enabled for your Network Firewall in AWS, enhancing the security posture of your infrastructure.
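The console steps above do not scale to many accounts or regions, so here is an added example (not part of the original page) that evaluates firewalls against this rule in code and, when run with boto3 and suitable credentials, enables deletion protection on the ones that fail. The sample firewalls and ARNs are constructed placeholders; the ListFirewalls, DescribeFirewall and UpdateFirewallDeleteProtection calls are the real Network Firewall API operations.

```python
"""Evaluate Network Firewall firewalls against this rule and remediate failures.
Added example, not from the original page; live runs need boto3 and credentials."""
from typing import Dict, List

SEVERITY = "Medium"  # as in the rule table above
ARN_PREFIX = "arn:aws:network-firewall:us-east-1:111111111111:firewall/"  # placeholder

# Constructed sample shaped like the `Firewall` member of a DescribeFirewall response.
SAMPLE_FIREWALLS = [
    {"FirewallName": "edge-fw", "FirewallArn": ARN_PREFIX + "edge-fw", "DeleteProtection": True},
    {"FirewallName": "lab-fw", "FirewallArn": ARN_PREFIX + "lab-fw", "DeleteProtection": False},
    {"FirewallName": "legacy-fw", "FirewallArn": ARN_PREFIX + "legacy-fw"},  # flag absent
]


def evaluate(firewalls: List[Dict]) -> List[Dict]:
    """One finding per firewall; a missing DeleteProtection field counts as off."""
    findings = []
    for fw in firewalls:
        protected = bool(fw.get("DeleteProtection", False))
        findings.append({"FirewallName": fw["FirewallName"], "FirewallArn": fw["FirewallArn"],
                         "Status": "PASSED" if protected else "FAILED", "Severity": SEVERITY})
    return findings


def remediate(region: str, dry_run: bool = True) -> List[Dict]:
    """List and describe every firewall in `region`; unless dry_run, enable deletion
    protection on each failing one, passing the DescribeFirewall UpdateToken so a
    concurrent change to the firewall is not silently overwritten."""
    import boto3  # imported lazily so evaluate() runs without boto3 installed
    client = boto3.client("network-firewall", region_name=region)
    described, tokens, kwargs = [], {}, {}
    while True:  # ListFirewalls is paginated via NextToken
        page = client.list_firewalls(**kwargs)
        for item in page["Firewalls"]:
            resp = client.describe_firewall(FirewallArn=item["FirewallArn"])
            described.append(resp["Firewall"])
            tokens[item["FirewallArn"]] = resp["UpdateToken"]
        if "NextToken" not in page:
            break
        kwargs["NextToken"] = page["NextToken"]
    findings = evaluate(described)
    for f in findings:
        if f["Status"] == "FAILED" and not dry_run:
            client.update_firewall_delete_protection(
                FirewallArn=f["FirewallArn"], UpdateToken=tokens[f["FirewallArn"]],
                DeleteProtection=True)
    return findings
```

Run `remediate(region, dry_run=False)` only after reviewing the FAILED findings from a dry run, and note that the flag can still be cleared by any principal allowed to call UpdateFirewallDeleteProtection, so IAM permissions on that action matter as much as the setting itself.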