Risk Level: High
Cloud Entity: Amazon EC2 Instance
CloudGuard Rule ID: D9.AWS.DR.10
Covered by Spectral: No
Category: Compute

GSL LOGIC

Instance where not autoScalingGroup should have terminationProtectionEnabled=true

REMEDIATION

From Portal

Sign in to AWS Management Console.
Navigate to Amazon EC2 console.
In the navigation panel, under Instances, choose Instances.
Select the Amazon EC2 instance that you want to protect against accidental termination.
Click on the Actions dropdown button from the console top menu, choose Instance settings, and select Change termination protection.
On the Change termination protection configuration page, select the Enable checkbox available under Termination protection to enable the feature. Choose Save to apply the changes.

From TF
In order to enable Termination Protection:

resource 'aws_instance' 'example_instance_id' {
	//
	disable_api_termination = true
	//
}

From Command Line
run

aws ec2 modify-instance-attribute --instance-id INSTANCE_ID --disable-api-termination

References

Amazon EC2 Instance

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

Compliance Frameworks

CloudGuard AWS All Rules Ruleset