Checks whether an Elastic Compute Service (ECS) instance is locked due to issues such as overdue payments and security risks. If no ECS instances are locked due to these issues, the evaluation result is Compliant.
Scenarios
This rule applies when you need to identify ECS instances that are locked due to issues such as overdue payments and security risks at the earliest opportunity. If you identify locked ECS instances, you can renew or unlock them to ensure business continuity.
Risk level
Default risk level: high.
When you configure this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If no ECS instances are locked due to issues such as overdue payments and security risks, the evaluation result is Compliant.
- If an ECS instance is locked due to issues such as overdue payments and security risks, the evaluation result is Incompliant. For more information about how to remediate an incompliant configuration, see Incompliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | ecs-instance-no-lock |
| Rule identifier | ecs-instance-no-lock |
| Tag | ECS and Instance |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | ECS instance |
| Input parameter | None. |
Incompliance remediation
Change the status of an ECS instance to Running. For more information, see Instance lifecycle.