This rule ensures that ELB application load balancer deletion protection is enabled to prevent accidental deletions.
| Rule | ELB application load balancer deletion protection should be enabled |
| Framework | NIST 800-53 Revision 5 |
| Severity | ✔ High |
Rule Description: ELB Application Load Balancer should have deletion protection enabled to comply with NIST 800-53 Revision 5.
Description: Deletion protection is a crucial security measure that prevents accidental or unauthorized deletion of resources. It ensures the availability and integrity of critical resources. In the context of ELB (Elastic Load Balancer), specifically Application Load Balancer, enabling deletion protection helps to safeguard against inadvertent or malicious deletion that can lead to service disruptions or security breaches.
Enabling deletion protection for an ELB Application Load Balancer is particularly important for compliance with NIST 800-53 Revision 5. This revision emphasizes the protection of information system components from deletion to reduce the risk of data loss, unauthorized access, or service disruptions.
Troubleshooting Steps:
1. Check the current attributes of the load balancer:
   aws elbv2 describe-load-balancer-attributes --load-balancer-arn <load_balancer_ARN>
2. In the output, look for the deletion_protection.enabled attribute. If its value is true, then deletion protection is already enabled.
3. If it is not enabled, turn it on:
   aws elbv2 modify-load-balancer-attributes --load-balancer-arn <load_balancer_ARN> --attributes Key=deletion_protection.enabled,Value=true

Note: Replace <load_balancer_ARN> with the actual ARN of the ELB Application Load Balancer.

With the above steps, you can ensure that deletion protection is enabled for the specified ELB Application Load Balancer. This helps with compliance with NIST 800-53 Revision 5, reducing the risk of accidental or unauthorized deletion and ensuring the availability and security of the load balancer and associated resources.
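
The same check applied to every Application Load Balancer in a region, as an added example that is not part of the original page. It assumes the AWS CLI with credentials and a default region configured, and reads the deletion_protection.enabled attribute through describe-load-balancer-attributes; the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are illustrative.
# Assumes the AWS CLI with credentials and a default region configured.

# Print "true" or "false": the deletion_protection.enabled attribute of one ALB.
alb_deletion_protection() {
    aws elbv2 describe-load-balancer-attributes \
        --load-balancer-arn "$1" \
        --query 'Attributes[?Key==`deletion_protection.enabled`].Value | [0]' \
        --output text
}

# Turn deletion protection on for one ALB.
enable_deletion_protection() {
    aws elbv2 modify-load-balancer-attributes \
        --load-balancer-arn "$1" \
        --attributes Key=deletion_protection.enabled,Value=true >/dev/null
}

# Audit every application-type load balancer in the region.
# Prints one "PASS|FAIL|FIXED|ERROR <arn>" line each; with --fix, enables the
# setting where it is off. Returns 0 only if every ALB ends up protected.
audit_albs() {
    audit_rc=0
    # Fail closed: if the listing call fails, report an error, not "all clear".
    audit_arns=$(aws elbv2 describe-load-balancers \
        --query 'LoadBalancers[?Type==`application`].LoadBalancerArn' \
        --output text) || return 2
    for arn in $audit_arns; do
        state=$(alb_deletion_protection "$arn") || state=error
        case "$state" in
            true) echo "PASS $arn" ;;
            false)
                if [ "${1:-}" = "--fix" ] && enable_deletion_protection "$arn"; then
                    echo "FIXED $arn"
                else
                    echo "FAIL $arn"; audit_rc=1
                fi ;;
            *) echo "ERROR $arn"; audit_rc=1 ;;
        esac
    done
    return "$audit_rc"
}

# Run the audit only when asked, e.g.: sh alb_audit.sh --audit [--fix]
if [ "${1:-}" = "--audit" ]; then audit_albs "${2:-}"; fi
```

A non-zero exit status makes the script usable as a scheduled compliance check; run it without --fix first to see which load balancers would be changed.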