ELB Application Load Balancer Deletion Protection Rule
Ensure that ELB application load balancer deletion protection is enabled to prevent unauthorized deletion.
| Rule | ELB application load balancer deletion protection should be enabled |
| Framework | NIST 800-53 Revision 5 |
| Severity | ✔ High |
Rule Description
The ELB (Elastic Load Balancer) application load balancer deletion protection should be enabled to meet the compliance requirements of NIST 800-53 Revision 5. The deletion protection feature prevents accidental or unauthorized deletion of the load balancer, ensuring the availability and continuity of the application services.
Troubleshooting Steps (If Applicable)
No specific troubleshooting steps are required for this rule. It is a simple on/off configuration that needs to be enabled.
Necessary Code (If Applicable)
No code is required for this rule. It is a setting that needs to be enabled in the AWS Management Console or using the AWS CLI.
Step-by-Step Guide for Remediation
Follow the steps below to enable deletion protection for an ELB application load balancer:
Step 1: Access AWS Management Console
- 1.Open a web browser and navigate to the AWS Management Console (https://console.aws.amazon.com).
Step 2: Select the Elastic Load Balancer (ELB) Service
- 1.Once logged in, search for "Elastic Load Balancer" in the AWS Management Console search bar.
- 2.Click on "Load Balancers" under the "Elastic Load Balancer" section.
Step 3: Select the Application Load Balancer
- 1.In the Load Balancers dashboard, locate the application load balancer for which you want to enable deletion protection.
- 2.Click on the load balancer name to access its configuration.
Step 4: Enable Deletion Protection
- 1.In the load balancer configuration page, go to the "Attributes" tab.
- 2.Under the "General" section, locate the option or checkbox for deletion protection.
- 3.Enable the deletion protection by selecting the checkbox or setting the option to "Enabled".
- 4.Save the changes.
Step 5: Verification
- 1.To verify the deletion protection is enabled, go back to the load balancer list in the Elastic Load Balancer service.
- 2.Locate the load balancer you configured.
- 3.Check for a lock symbol or a deletion protection indicator next to the load balancer name.
- The presence of these symbols indicates that deletion protection is enabled.
CLIs (Command Line Interface) Commands (If Applicable)
No specific CLI commands are necessary for this rule. The steps mentioned above cover the configuration through the AWS Management Console.
Conclusion
By following the step-by-step guide above, you can ensure that deletion protection is enabled for your ELB application load balancer, meeting the compliance requirements of NIST 800-53 Revision 5. This configuration helps prevent accidental or unauthorized deletion of the load balancer, ensuring the availability and continuity of your application services.