Use instance scale-in protection - Amazon EC2 Auto Scaling
Enable instance scale-in protection for a groupModify the instance scale-in protection setting for a groupModify the instance scale-in protection setting for an instance

Use instance scale-in protection

To control whether an Auto Scaling group can terminate a particular instance when scaling in, use instance scale-in protection. You can enable the instance scale-in protection setting on an Auto Scaling group or on an individual Auto Scaling instance. When Amazon EC2 Auto Scaling launches a new instance or moves an instance from a warm pool into the Auto Scaling group, the instance inherits the instance scale-in protection setting of the Auto Scaling group. You can change the instance scale-in protection setting for an Auto Scaling group or an Auto Scaling instance at any time.

Instance scale-in protection starts when the instance state is InService. If you detach an instance that is protected from scale-in, its instance scale-in protection setting is lost. When you attach the instance to the group again, it inherits the current instance scale-in protection setting of the group.

Instance scale-in protection does not protect Auto Scaling instances from the following:

  • Manual termination through the Amazon EC2 console, the terminate-instances command, or the TerminateInstances action. To protect Auto Scaling instances from manual termination, enable Amazon EC2 termination protection. For more information, see Enabling termination protection in the Amazon EC2 User Guide for Linux Instances.

  • Health check replacement if the instance fails health checks. For more information, see Health checks for Auto Scaling instances.

  • Spot Instance interruptions. A Spot Instance is terminated when capacity is no longer available or the Spot price exceeds your maximum price.

Note

If all instances in an Auto Scaling group are protected from scale in, and a scale-in event occurs, its desired capacity is decremented. However, the Auto Scaling group can't terminate the required number of instances until their instance scale-in protection settings are disabled.

In the AWS Management Console, the Activity history for the Auto Scaling group includes the following message if all instances in an Auto Scaling group are protected from scale in when a scale-in event occurs: Could not scale to desired capacity because all remaining instances are protected from scale-in.

Enable instance scale-in protection for a group

You can enable instance scale-in protection when you create an Auto Scaling group. By default, instance scale-in protection is disabled.

To enable instance scale-in protection (console)

When you create the Auto Scaling group, on the Configure group size and scaling policies page, under Instance scale-in protection, select the Enable instance scale-in protection option.

To enable instance scale-in protection (AWS CLI)

Use the following create-auto-scaling-group command to enable instance scale-in protection.

aws autoscaling create-auto-scaling-group --auto-scaling-group-name my-asg --new-instances-protected-from-scale-in ...

Modify the instance scale-in protection setting for a group

You can enable or disable the instance scale-in protection setting for an Auto Scaling group. When the instance scale-in protection setting is enabled, all new instances launched after enabling it will have instance scale-in protection enabled. Previously launched instances are only protected from scale in if you enable the instance scale-in protection setting for each instance individually.

To change the instance scale-in protection setting for a group (console)

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/, and choose Auto Scaling Groups from the navigation pane.

  2. Select check box next to the Auto Scaling group.

    A split pane opens up in the bottom of the Auto Scaling groups page.

  3. On the Details tab, choose Advanced configurations, Edit.

  4. For Instance scale-in protection, select Enable instance scale-in protection.

  5. Choose Update.

To change the instance scale-in protection setting for a group (AWS CLI)

Use the following update-auto-scaling-group command to enable instance scale-in protection for the specified Auto Scaling group.

aws autoscaling update-auto-scaling-group --auto-scaling-group-name my-asg --new-instances-protected-from-scale-in

Use the following command to disable instance scale-in protection for the specified group.

aws autoscaling update-auto-scaling-group --auto-scaling-group-name my-asg --no-new-instances-protected-from-scale-in

Modify the instance scale-in protection setting for an instance

By default, an instance gets its instance scale-in protection setting from its Auto Scaling group. However, you can enable or disable instance scale-in protection for an instance at any time.

To change the instance scale-in protection setting for an instance (console)

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/, and choose Auto Scaling Groups from the navigation pane.

  2. Select the check box next to your Auto Scaling group.

    A split pane opens up in the bottom of the Auto Scaling groups page.

  3. On the Instance management tab, in Instances, select an instance.

  4. To enable instance scale-in protection, choose Actions, Set scale-in protection. When prompted, choose Set scale-in protection.

  5. To disable instance scale-in protection, choose Actions, Remove scale-in protection. When prompted, choose Remove scale-in protection.

To change the instance scale-in protection setting for an instance (AWS CLI)

Use the following set-instance-protection command to enable instance scale-in protection for the specified instance.

aws autoscaling set-instance-protection --instance-ids i-5f2e8a0d --auto-scaling-group-name my-asg --protected-from-scale-in

Use the following command to disable instance scale-in protection for the specified instance.

aws autoscaling set-instance-protection --instance-ids i-5f2e8a0d --auto-scaling-group-name my-asg --no-protected-from-scale-in