Evaluates whether release protection is enabled for Elastic Compute Service (ECS) instances.
Scenarios
Enable release protection for critical ECS instances to prevent accidental deletion and avoid business interruption.
Risk level
Default risk level: high.
You can change the risk level when you apply this rule.
Compliance evaluation logic
- If release protection is enabled for an ECS instance, the evaluation result is compliant.
- If release protection is not enabled for an ECS instance, the evaluation result is non-compliant. For information about how to fix this, see Non-compliance remediation.
Rule details
| Item | Description |
| Rule name | ecs-instance-deletion-protection-enabled |
| Rule ID | ecs-instance-deletion-protection-enabled |
| Tag | ECS and Instance |
| Automatic remediation | Supported |
| Trigger type | Configuration change |
| Supported resource type | ECS instance |
| Input parameter | None |
Non-compliance remediation
To enable release protection for an ECS instance, see Enable or disable release protection for ECS instances.
该文章对您有帮助吗?