Checks whether the release protection feature is enabled for each Elastic Compute Service (ECS) instance.
Scenarios
You can enable the release protection feature for ECS instances with high importance. This prevents business interruption caused by accidental operations that delete resources, and also enhances business stability.
Risk level
Default risk level: high.
You can change the risk level as required when you apply this rule.
Compliance evaluation logic
- If the release protection feature is enabled for each ECS instance, the evaluation result is compliant.
- If the release protection feature is not enabled for an ECS instance, the evaluation result is non-compliant. For more information about how to correct the non-compliant configuration, see Non-compliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | ecs-instance-deletion-protection-enabled |
| Rule ID | ecs-instance-deletion-protection-enabled |
| Tag | ECS and Instance |
| Automatic remediation | Supported |
| Trigger type | Configuration change |
| Supported resource type | ECS instance |
| Input parameter | None |
Non-compliance remediation
For more information about how to enable release protection for an ECS instance, see Enable or disable release protection for ECS instances.