Ensure that the Deletion Protection safety feature is enabled for your Amazon VPC network firewalls.
networkfirewall_deletion_protection
Ensure that the Deletion Protection safety feature is enabled for your Amazon VPC network firewalls to protect them from accidental deletion. By default, Deletion Protection is disabled for VPC network firewalls.
Risk
Without a network firewall, it can be difficult to monitor and control traffic within the VPC. This can make it harder to detect and prevent attacks or unauthorized access to resources.
Run this check with Prowler CLI
prowler aws --checks networkfirewall_deletion_protection
ARN template
arn:partition:network-firewall::account-id:firewall/firewall-name
Remediation
aws network-firewall update-firewall-delete-protection --region <value> --firewall-name <value> --delete-protection
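The remediation command above handles one firewall at a time. The following added example (not Prowler's code) audits every firewall in a region and applies the same command to those that fail the check. The function names and the DRY_RUN variable are hypothetical; the AWS CLI is assumed to be installed with credentials configured.

```shell
#!/usr/bin/env bash
# Added example (not Prowler code): audit one region for Network Firewalls
# without delete protection and optionally enable it. Needs AWS CLI credentials.

# Print the name of every firewall in region $1 whose DeleteProtection is off.
unprotected_firewalls() {
  local region="$1" name protected
  for name in $(aws network-firewall list-firewalls --region "$region" \
      --query 'Firewalls[].FirewallName' --output text); do
    protected=$(aws network-firewall describe-firewall --region "$region" \
      --firewall-name "$name" \
      --query 'Firewall.DeleteProtection' --output text)
    case "$protected" in
      True|true) ;;            # protected: nothing to report
      *) echo "$name" ;;       # False, or the lookup failed: flag it
    esac
  done
}

# Report each unprotected firewall in region $1. DRY_RUN (hypothetical
# variable, default 1) must be set to 0 before anything is changed.
remediate_region() {
  local region="$1" name
  for name in $(unprotected_firewalls "$region"); do
    if [ "${DRY_RUN:-1}" = "1" ]; then
      echo "FAIL $region/$name (dry run, not changed)"
    else
      aws network-firewall update-firewall-delete-protection \
        --region "$region" --firewall-name "$name" \
        --delete-protection >/dev/null && echo "FIXED $region/$name"
    fi
  done
}

# Run only when a region is passed: ./script.sh eu-west-1
if [ -n "${1:-}" ]; then remediate_region "$1"; fi
```

Run it once with the default dry run to review the list, then again with DRY_RUN=0 to apply the change.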
Resource Type
AwsNetworkFirewallFirewall