AWS-ELBv2-ELBv2-Deletion-Protection

Severity: High

Description: This control ensures that deletion protection is enabled on ELBv2 load balancers. An AWS ELBv2 load balancer serves as the single point of contact for application clients and distributes incoming traffic to available instances in different AZs. Accidental, unintended or malicious deletion of the load balancer disrupts the application deployed behind it. To prevent a load balancer from being deleted accidentally, enable deletion protection. By default, deletion protection is disabled for load balancers.

Remediation Steps:

Perform the following steps to enable deletion protection for the load balancer:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com as the root user.

  2. Navigate to the EC2 console.

  3. In the navigation pane, under LOAD BALANCING, choose Load Balancers.

  4. Select the load balancer.

  5. Go to the Listeners tab and click Edit.

  6. On the Description tab, choose Edit attributes.

  7. On the Edit load balancer attributes page, select Enable for Delete Protection.

  8. Choose Save.
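
The same check and fix can be applied to every load balancer in a region through the ELBv2 API. The script below is an added example, not part of the original control or any vendor tooling; it assumes boto3 is installed and that credentials and region come from the environment, and the function name audit_deletion_protection is hypothetical.

```python
"""Audit ELBv2 load balancers for deletion protection; optionally enable it."""

ATTR = "deletion_protection.enabled"  # ELBv2 load balancer attribute key


def audit_deletion_protection(elbv2, remediate=False):
    """Return [(name, arn, status)] for every load balancer the client can see.

    status is 'ok', 'unprotected', or 'remediated'.
    `elbv2` is a boto3 ELBv2 client (or any object exposing the same methods).
    """
    results = []
    paginator = elbv2.get_paginator("describe_load_balancers")
    for page in paginator.paginate():
        for lb in page["LoadBalancers"]:
            arn = lb["LoadBalancerArn"]
            attrs = elbv2.describe_load_balancer_attributes(LoadBalancerArn=arn)
            values = {a["Key"]: a["Value"] for a in attrs["Attributes"]}
            # A missing attribute is treated as disabled (the default state).
            if values.get(ATTR, "false") == "true":
                status = "ok"
            elif remediate:
                elbv2.modify_load_balancer_attributes(
                    LoadBalancerArn=arn,
                    Attributes=[{"Key": ATTR, "Value": "true"}],
                )
                status = "remediated"
            else:
                status = "unprotected"
            results.append((lb["LoadBalancerName"], arn, status))
    return results


if __name__ == "__main__":
    import sys
    import boto3  # imported here so the audit function stays testable offline

    fix = "--remediate" in sys.argv
    findings = audit_deletion_protection(boto3.client("elbv2"), remediate=fix)
    for name, arn, status in findings:
        print(f"{status:12} {name} {arn}")
    # Non-zero exit when anything is still unprotected, for use in CI or cron.
    sys.exit(1 if any(s == "unprotected" for _, _, s in findings) else 0)
```

Run it without arguments to report only, or with --remediate to enable deletion protection on each unprotected load balancer.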

Important:

Reference:

Blue Hexagon Proprietary