Rule: ELB Application Load Balancer Deletion Protection Enabled
This rule ensures that deletion protection is enabled for ELB application load balancers.
| Rule | ELB application load balancer deletion protection should be enabled |
| Framework | NIST Cybersecurity Framework (CSF) v1.1 |
| Severity | ✔ High |
Rule Description
The ELB (Elastic Load Balancer) application load balancer deletion protection should be enabled to comply with the NIST (National Institute of Standards and Technology) Cybersecurity Framework (CSF) version 1.
Deletion protection ensures that the ELB application load balancer cannot be deleted accidentally, providing an additional layer of security for your infrastructure. By enabling this protection, it helps prevent unauthorized or accidental removal of the load balancer, which could lead to service disruptions or potential security risks.
Troubleshooting Steps
In case you encounter any issues while enabling deletion protection, you can follow these troubleshooting steps:
- 1.
Check Permissions: Ensure that you have the necessary IAM (Identity and Access Management) permissions to modify load balancer settings. You should have the necessary privileges to enable deletion protection on the ELB application load balancer.
- 2.
Verify Load Balancer Status: Make sure the load balancer is in a stable state and not experiencing any ongoing issues. If the load balancer is in a failed or error state, resolve the underlying issues before enabling deletion protection.
- 3.
Review AWS Documentation: Consult the official AWS (Amazon Web Services) documentation for detailed information on enabling deletion protection for ELB application load balancers. It provides troubleshooting tips and additional guidance to resolve specific issues that may arise during the process.
Necessary Codes
There are no specific codes required to enable deletion protection for your ELB application load balancer. The configuration change can be made directly from the AWS Management Console or through AWS CLI (Command Line Interface) commands.
Step-by-Step Guide for Enabling Deletion Protection
Follow these steps to enable deletion protection for your ELB application load balancer:
- 1.
Log in to the AWS Management Console.
- 2.
Navigate to the EC2 service.
- 3.
In the navigation pane, click on "Load Balancers" under "LOAD BALANCING".
- 4.
Select the desired ELB application load balancer from the list.
- 5.
Click on the "Description" tab to view the load balancer details.
- 6.
Under the "General" section, locate the "Attributes" tab.
- 7.
In the "Attributes" tab, find the "Deletion Protection" option.
- 8.
Click on the "Edit" button next to "Deletion Protection".
- 9.
In the edit window, select the checkbox to enable deletion protection.
- 10.
Click on the "Save" button to apply the changes.
Upon successful completion of these steps, deletion protection will be enabled for your ELB application load balancer as per the NIST CSF version 1 requirements.
Please note that the actual steps may vary slightly depending on the layout and design of the AWS Management Console, but the overall process remains similar.
Conclusion
Enabling deletion protection for the ELB application load balancer adds an extra layer of security to prevent accidental or unauthorized deletion. Compliance with NIST CSF version 1 helps ensure the protection of your infrastructure from potential risks and service disruptions. By following the step-by-step guide, you can easily enable deletion protection for your ELB application load balancer in accordance with the specified policy.