2

EC2 is designed to make it very easy to spin up instances and terminate them at will. Is there a way to add an additional protection to an EC2 (e.g. password protect, or even an additional confirmation) such that the typical means of instance termination (through the browser, cli, or library like boto3) would require an extra step to be followed (such as a confirmation prompt or 'type the name of this instance' along the lines of the technique used by github when deleting a repository)?

stevec
  • 41,291
  • 27
  • 223
  • 311
  • Can you give more background around why you need this feature? A typical solution would be to only give admin credentials/access to those users who are well trained on AWS and can be trusted with such permissions. – Tim Biegeleisen Jul 26 '19 at 01:48
  • @TimBiegeleisen this morning I terminated a bunch of instances (about 6) and I didn't realise that there was one additional (important) instance selected that should't have been, so it got terminated too. I'm just after a simple way to prevent this type of mishap – stevec Jul 26 '19 at 01:51
  • @TimBiegeleisen in other words, purely to protect against carelessness/accidents :-) – stevec Jul 26 '19 at 01:53

1 Answers1

2

There is a feature called "Termination Protection" that you can enable in important instances:

enter image description here

Then if you attempt to terminate one of them, you'll get this message, and the "Terminate" button won't be enabled:

enter image description here

More information about that feature here.

Daniel
  • 21,933
  • 14
  • 72
  • 101