AWS ELBv2 Deletion Protection Disabled
Description
Identifies Application Load Balancers (ALB) and Network Load Balancers (NLB) that have deletion protection disabled. Load balancers without deletion protection could be accidentally deleted, potentially causing service disruptions. This check excludes EKS-managed load balancers.
Detection Strategy
• Retrieves all ELBv2 load balancers in the AWS account and region
• Checks if the load balancer is not associated with an EKS cluster by examining its tags
• For non-EKS load balancers, examines the 'deletion_protection.enabled' attribute
• Reports a vulnerability if deletion protection is not set to 'true'
• Each vulnerability includes the load balancer ARN and the current protection setting value
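One way to implement the detection steps above, as an added example that is not Fluid Attacks' own code: the evaluation runs over data shaped like boto3 `elbv2` responses, and `collect` shows how the live inputs would be gathered. The EKS tag prefixes are an assumption (the page does not name the tags it examines), and the sample ARNs are constructed.

```python
# Added example, not Fluid Attacks' code. Inputs mirror boto3 "elbv2" responses.
# Assumption: EKS ownership is inferred from these Kubernetes controller tag keys.
EKS_TAG_PREFIXES = ("kubernetes.io/cluster/", "elbv2.k8s.aws/cluster")

def is_eks_managed(tags):
    return any(t["Key"].startswith(EKS_TAG_PREFIXES) for t in tags)

def protection_value(attributes):
    for attr in attributes:
        if attr["Key"] == "deletion_protection.enabled":
            return attr["Value"]
    return None  # attribute absent: reported as not protected

def find_unprotected(load_balancers, tags_by_arn, attrs_by_arn):
    findings = []
    for lb in load_balancers:
        arn = lb["LoadBalancerArn"]
        if lb.get("Type") not in ("application", "network"):
            continue  # the check covers ALB and NLB only
        if is_eks_managed(tags_by_arn.get(arn, [])):
            continue  # EKS-managed load balancers are excluded
        value = protection_value(attrs_by_arn.get(arn, []))
        if value != "true":
            findings.append({"arn": arn, "deletion_protection.enabled": value})
    return findings

def collect(region):
    """Gather live inputs for find_unprotected (needs boto3 and credentials)."""
    import boto3
    client = boto3.client("elbv2", region_name=region)
    lbs = [lb for page in client.get_paginator("describe_load_balancers").paginate()
           for lb in page["LoadBalancers"]]
    tags, attrs = {}, {}
    for lb in lbs:
        arn = lb["LoadBalancerArn"]
        desc = client.describe_tags(ResourceArns=[arn])["TagDescriptions"]
        tags[arn] = desc[0]["Tags"] if desc else []
        attrs[arn] = client.describe_load_balancer_attributes(
            LoadBalancerArn=arn)["Attributes"]
    return lbs, tags, attrs

# Constructed sample data (account ID, names and ARNs are made up).
ARN_PREFIX = "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/"
ROWS = [("app/web/aaa", "application", "false"), ("net/edge/bbb", "network", "true"),
        ("app/k8s-ingress/ccc", "application", "false")]
SAMPLE_LBS = [{"LoadBalancerArn": ARN_PREFIX + n, "Type": t} for n, t, _ in ROWS]
SAMPLE_ATTRS = {ARN_PREFIX + n: [{"Key": "deletion_protection.enabled", "Value": v}]
                for n, _, v in ROWS}
SAMPLE_TAGS = {ARN_PREFIX + "app/k8s-ingress/ccc": [{"Key": "elbv2.k8s.aws/cluster", "Value": "prod"}]}
```

On the sample data, `find_unprotected(SAMPLE_LBS, SAMPLE_TAGS, SAMPLE_ATTRS)` reports only the `app/web/aaa` load balancer; against a live account, pass it the three values returned by `collect(region)`.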