Ensure that EC2 API termination protection is enabled
EC2 API termination protection setting prevents EC2 from being accidently terminated.
Risk Level: Low
Cloud Entity: Amazon EC2 Instance
CloudGuard Rule ID: D9.CFT.OPE.06
Covered by Spectral: Yes
Category: Compute
GSL LOGIC
AWS_EC2_Instance should have DisableApiTermination=true
REMEDIATION
From CFT
Set AWS::EC2::Instance DisableApiTermination
property to true
References
- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#Using_ChangingDisableAPITermination
- https://docs.aws.amazon.com/cli/latest/reference/ec2/modify-instance-attribute.html#modify-instance-attribute
Amazon EC2 Instance
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.
Compliance Frameworks
- AWS CloudFormation ruleset
Updated over 1 year ago