Enable termination protection
To prevent your instance from being accidentally terminated, you can
enable termination protection for the instance. The
DisableApiTermination attribute controls whether the instance can be
terminated using the AWS Management Console, AWS Command Line Interface (AWS CLI), or API. By default, termination protection is
disabled for your instance which means that your instance can be terminated using the AWS Management Console, AWS CLI, or API. You can set the value of this attribute when you launch an
instance, while the instance is running, or while the instance is stopped (for
Amazon EBS backed instances).
The DisableApiTermination attribute doesn't prevent you from terminating an
instance by initiating shutdown from the instance (using an operating system command for
system shutdown) when the InstanceInitiatedShutdownBehavior attribute is
set. For more information, see Change the instance initiated shutdown behavior.
Considerations
-
Enabling termination protection does not prevent AWS from terminating the instance when there is a scheduled event to terminate the instance.
-
Enabling termination protection does not prevent Amazon EC2 Auto Scaling from terminating an instance when the instance is unhealthy or during scale-in events. You can control whether an Auto Scaling group can terminate a particular instance when scaling using instance scale-in protection. You can control whether an Auto Scaling group can terminate unhealthy instances by suspending the ReplaceUnhealthy scaling process.
-
You can't enable termination protection for Spot Instances.
To enable termination protection for an instance at launch time
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
. -
On the dashboard, choose Launch Instance and follow the directions in the wizard.
-
On the Configure Instance Details page, select the Enable termination protection check box.
To enable termination protection for a running or stopped instance
-
Select the instance, and choose Actions, Instance Settings, Change Termination Protection.
-
Choose Yes, Enable.
To disable termination protection for a running or stopped instance
-
Select the instance, and choose Actions, Instance Settings, Change Termination Protection.
-
Choose Yes, Disable.
To enable or disable termination protection using the command line
You can use one of the following commands. For more information about these command line interfaces, see Access Amazon EC2.
modify-instance-attribute (AWS CLI)
Edit-EC2InstanceAttribute (AWS Tools for Windows PowerShell)
Terminate multiple instances with termination protection
If you terminate multiple instances across multiple Availability Zones in the same request, and one or more of the specified instances are enabled for termination protection, the request fails with the following results:
-
The specified instances that are in the same Availability Zone as the protected instance are not terminated.
-
The specified instances that are in different Availability Zones, where no other specified instances are protected, are successfully terminated.
Example
Suppose that you have the following four instances across two Availability Zones.
| Instance | Availability Zone | Terminate protection |
|---|---|---|
| Instance 1 | AZ A | Disabled |
| Instance 2 | Disabled |
|
| Instance 3 | AZ B | Enabled |
| Instance 4 | Disabled |
If you attempt to terminate all of these instances in the same request, the request reports failure with the following results:
-
Instance 1 and Instance 2 are successfully terminated because neither instance is enabled for termination protection.
-
Instance 3 and Instance 4 fail to terminate because Instance 3 is enabled for termination protection.
