1. Login to AWS Console: Go to the AWS Management Console and login to your account.
2. Navigate to EC2 Service: Click on the “Services” dropdown menu at the top left corner and select “EC2” under the Compute section.
3. Select Security Groups: In the EC2 dashboard, click on the “Security Groups” option from the left-hand side menu.
4. Select the Security Group: Identify the security group that you want to enable deletion protection for and click on it to select it.
5. Enable Deletion Protection: In the security group details page, go to the “Actions” dropdown menu at the top and select “Edit inbound rules” or “Edit outbound rules” as per your requirement.
6. Enable Deletion Protection: In the Edit rules page, scroll down to the bottom and locate the “Delete Protection” option. Check the box next to “Protect against accidental deletion” to enable deletion protection for the security group.
7. Save Changes: After enabling deletion protection, click on the “Save rules” button to apply the changes.

​

1. List all the security groups associated with your EC2 instances to identify the security group that needs to have deletion protection enabled:

aws ec2 describe-instances --query 'Reservations[*].Instances[*].SecurityGroups[*].[GroupId,GroupName]'

2. Enable deletion protection for the identified security group using the following command. Replace <security-group-id> with the actual Security Group ID:

aws ec2 modify-security-group-rules --group-id <security-group-id> --no-delete-on-revoke

3. Verify that deletion protection has been enabled for the security group by describing the security group attributes:

aws ec2 describe-security-groups --group-ids <security-group-id> --query 'SecurityGroups[*].{GroupName:GroupName,DeletionProtection:DeletionProtection}'

1. Install Boto3 library: Ensure you have the Boto3 library installed. You can install it using pip:
   Copy

   Ask AI

   pip install boto3
   

2. Write a Python script to enable deletion protection for network firewalls: Create a Python script (e.g., enable_firewall_deletion_protection.py) with the following code:
   Copy

   Ask AI

   import boto3
   
   # Initialize the EC2 client
   ec2_client = boto3.client('ec2')
   
   # Get all the network interfaces associated with EC2 instances
   response = ec2_client.describe_instances()
   for reservation in response['Reservations']:
       for instance in reservation['Instances']:
           for interface in instance['NetworkInterfaces']:
               # Get the network interface ID
               network_interface_id = interface['NetworkInterfaceId']
               
               # Enable deletion protection for the network interface
               ec2_client.modify_network_interface_attribute(
                   NetworkInterfaceId=network_interface_id,
                   DeletionProtection={'Value': True}
               )
               print(f"Deletion protection enabled for network interface {network_interface_id}")
   

3. Configure AWS credentials: Ensure that your AWS credentials are configured either through environment variables, AWS CLI configuration, or IAM roles.
4. Run the Python script: Execute the Python script using the following command:
   Copy

   Ask AI

   python enable_firewall_deletion_protection.py