Ref: https://learn.cantrill.io/courses/1820301/lectures/41301342

• Summary
• Contents:

Shutdown Behavior of EC2 Instances

• Normally, running instances can be stopped, rebooted, or terminated
• Default shutdown behavior for an instance is to stop the instance
• Shutdown behavior can be changed to terminate
  • niche feature
  • 👍 Useful if state of instance that shuts down is not valuable
    • saves storage costs from stopped instances
    • saves admin overhead if lots of instances get stopped
    • 💡 e.g. instance will be reprovisioned in an EC2 AutoScaling Group, and instances get shut down constantly → automation without incurring extra storage costs

EC2 Termination Protection

• Normally, terminating an instance brings up an additional dialog in AWS Management Console UI (to confirm deletion), but it might not be enough

  • Unknowing admins might terminate an instance nilly-willy and lead to data loss (not ideal)

• 🔧 Termination protection = optional extra layer of security for terminating instances

  • Trying to terminate an instance with this protection enabled will bring this dialog in UI:

    

• Benefits:

  1. 👍 Protects against accidental termination of critical instances
  2. 👍 Adds extra permission/approval step
     • permission to disable/enable termination protection: disableApiTermination
       • ❗above permission is different from permission to terminate instances
     • 👍 Role separation → e.g. only senior admins can remove the protection, junior/normal admins can't
     • Useful for business critical resources → e.g. enable protection in PROD environment, while TEST and DEV environments don't need