Change instance termination protection - Amazon Elastic Compute Cloud (original) (raw)

To prevent your instance from being accidentally terminated using the Amazon EC2 API, whether you call TerminateInstances directly or using another interface such as the Amazon EC2 console, enable termination protection for the instance. The DisableApiTermination attribute controls whether the instance can be terminated. By default, termination protection is disabled for your instance. You can set the value of this attribute when you launch an instance, or while the instance is running or stopped.

The DisableApiTermination attribute doesn't prevent you from terminating an instance by initiating shutdown from the instance (for example, by using an operating system command for system shutdown) when the InstanceInitiatedShutdownBehavior attribute is set to terminate. For more information, see Change instance initiated shutdown behavior.

Considerations

• Enabling termination protection does not prevent AWS from terminating the instance when there is a scheduled event to terminate the instance.
• Enabling termination protection does not prevent Amazon EC2 Auto Scaling from terminating an instance when the instance is unhealthy or during scale-in events. You can control whether an Auto Scaling group can terminate a particular instance when scaling using instance scale-in protection. You can control whether an Auto Scaling group can terminate unhealthy instances by suspending the ReplaceUnhealthy scaling process.
• You can't enable termination protection for Spot Instances.

Console

To enable termination protection for an instance at launch

1. Open the Amazon EC2 console athttps://console.aws.amazon.com/ec2/.
2. On the dashboard, choose Launch instance.
3. Expand Advanced details. For Termination protection, select Enable.
4. When you are finishing specifying the details for your instance, choose Launch instance.

To change termination protection for an instance

1. Open the Amazon EC2 console athttps://console.aws.amazon.com/ec2/.
2. In the navigation pane, select Instances.
3. Select the instance.
4. Choose Actions, Instance settings, Change termination protection.
5. For Termination protection select or clear Enable.
6. Choose Save.

AWS CLI

To enable termination protection for an instance

Use the modify-instance-attribute command.

aws ec2 modify-instance-attribute \
    --instance-id i-1234567890abcdef0 \
    --disable-api-termination

To disable termination protection for an instance

Use the modify-instance-attribute command.

aws ec2 modify-instance-attribute \
    --instance-id i-1234567890abcdef0 \
    --no-disable-api-termination

PowerShell

To enable termination protection for an instance

Use the Edit-EC2InstanceAttribute cmdlet.

Edit-EC2InstanceAttribute `
    -InstanceId i-1234567890abcdef0 `
    -DisableApiTermination $true

To disable termination protection for an instance

Use the Edit-EC2InstanceAttribute cmdlet.

Edit-EC2InstanceAttribute `
    -InstanceId i-1234567890abcdef0 `
    -DisableApiTermination $false

Terminate multiple instances with termination protection

If you terminate multiple instances across multiple Availability Zones in the same request, and one or more of the specified instances are enabled for termination protection, the request fails with the following results:

• The specified instances that are in the same Availability Zone as the protected instance are not terminated.
• The specified instances that are in different Availability Zones, where no other specified instances are protected, are successfully terminated.

Example

Suppose that you have the following four instances across two Availability Zones.

If you attempt to terminate all of these instances in the same request, the request reports failure with the following results:

• Instance 1 and Instance 2 are successfully terminated because neither instance is enabled for termination protection.
• Instance 3 and Instance 4 fail to terminate because Instance 3 is enabled for termination protection.