EC2 Shutdown Behavior and Termination Protection

Amazon Elastic Compute Cloud (EC2) instances can be started, stopped, or terminated based on your needs. Here's an overview of the EC2 instance shutdown behavior and termination protection:

  1. EC2 Shutdown Behavior:

    • Stop: When an EC2 instance is stopped, the following happens:

      • The instance performs a normal OS shutdown (similar to shutting down your PC).

      • All the ephemeral storage (instance store volumes) data is lost.

      • Elastic IP (if associated) is disassociated from the instance (in case of a non-VPC instance).

      • You are not charged for instance usage while it's stopped, but you are still charged for any EBS volumes attached.

      • The instance state appears as "stopped" in the EC2 Dashboard.

      • You can start a stopped instance at any time, and it will retain its data on the EBS volumes.

    • Terminate: When an EC2 instance is terminated, the following happens:

      • The instance performs a normal OS shutdown.

      • All the ephemeral storage data is lost.

      • Elastic IP (if associated) is disassociated.

      • EBS volumes are deleted unless they are set to "Do not delete on termination."

      • The instance is removed and cannot be restarted.

    • By default, shutting down an EC2 instance means stopping it, but this behavior can be changed to terminate the instance on shutdown from within the instance OS or via EC2 instance settings.

  2. Termination Protection:

    • Termination protection is a feature that prevents EC2 instances from being accidentally terminated. It acts as a safeguard.

    • When an instance has termination protection enabled, you cannot terminate it using the AWS Management Console, the AWS CLI, or the API until you first disable the termination protection.

    • It's essential to note that termination protection is not a silver bullet for preventing instance deletion. For example, if the EC2 instance is part of an Auto Scaling Group (ASG), and the ASG decides to terminate the instance, termination protection on the EC2 instance will not prevent its deletion.

    • To enable or disable termination protection, you can use the AWS Management Console, AWS CLI, or API.

    • While termination protection is a useful safety measure, it's also recommended to implement best practices like regularly backing up data, setting IAM policies appropriately, and monitoring instance activity.

Enable termination protection

By default, you can terminate your instance using the Amazon EC2 console, command line interface, or API. To prevent your instance from being accidentally terminated using Amazon EC2, you can enable termination protection for the instance. The DisableApiTermination attribute controls whether the instance can be terminated using the console, CLI, or API. By default, termination protection is disabled for your instance. You can set the value of this attribute when you launch the instance, while the instance is running, or while the instance is stopped (for Amazon EBS-backed instances).

The DisableApiTermination attribute does not prevent you from terminating an instance by initiating shutdown from the instance (using an operating system command for system shutdown) when the InstanceInitiatedShutdownBehavior attribute is set to terminate. For more information, see the section "Change the instance initiated shutdown behavior" below.

To enable termination protection for an instance at launch time

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. On the dashboard, choose Launch Instance and follow the directions in the wizard.

  3. On the Configure Instance Details page, select the Enable termination protection check box.

To enable termination protection for a running or stopped instance

  1. Select the instance, and choose Actions, Instance Settings, Change Termination Protection.

  2. Choose Yes, Enable.

To enable or disable termination protection using the command line

To enable termination protection on a running EC2 instance using the AWS Command Line Interface (CLI), you can use the modify-instance-attribute command. Here's a step-by-step guide:

  1. Prerequisites:

    • Make sure you have the AWS CLI installed and configured with the necessary access rights.

    • You should have the Instance ID of the EC2 instance for which you want to enable termination protection.

  2. Enable Termination Protection:

Use the following command to enable termination protection:

aws ec2 modify-instance-attribute --instance-id i-0abcd1234efgh5678 --disable-api-termination

Replace i-0abcd1234efgh5678 with your actual EC2 instance ID.

  3. Verify:

You might want to ensure that termination protection was successfully enabled for the instance. Use the following command:

aws ec2 describe-instance-attribute --instance-id i-0abcd1234efgh5678 --attribute disableApiTermination

This command will return the disableApiTermination attribute for the specified instance. If termination protection is enabled, the attribute's value will be set to true.

Now, the EC2 instance has termination protection enabled. Remember, if you ever need to terminate this instance, you'll have to first disable termination protection using the AWS CLI or Management Console.

Change the instance initiated shutdown behavior

By default, when you initiate a shutdown from an Amazon EBS-backed instance (using a command such as shutdown or poweroff), the instance stops. You can change this behavior using the InstanceInitiatedShutdownBehavior attribute for the instance so that it terminates instead. You can update this attribute while the instance is running or stopped. Note that halt does not issue a poweroff command; if it is used, the instance will not terminate. Instead, halt places the CPU into HLT and the instance remains running.

You can update the InstanceInitiatedShutdownBehavior attribute using the Amazon EC2 console or the command line. The InstanceInitiatedShutdownBehavior attribute only applies when you perform a shutdown from the operating system of the instance itself; it does not apply when you stop an instance using the StopInstances API or the Amazon EC2 console.

To change the shutdown behavior of an instance using the console

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. In the navigation pane, choose Instances.

  3. Select the instance.

  4. Choose Actions, Instance settings, Change shutdown behavior. The current behavior is selected.

  5. To change the behavior, select Stop or Terminate from Shutdown behavior and then choose Save.
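
The gaps described above (shutdown from inside the OS, Auto Scaling, and EBS volumes deleted on termination) can be checked per instance from the CLI. The script below is an added example, not AWS's own tooling; the function names and finding labels are made up for illustration, and it assumes a configured AWS CLI with read access to EC2 and Auto Scaling.

```bash
#!/usr/bin/env bash
# Added example: list the paths by which an instance can still be terminated
# (or lose EBS data) regardless of, or in the absence of, termination protection.

# Pure decision logic, usable without AWS access.
#   $1 disableApiTermination value (true|false; CLI text output prints True/False)
#   $2 instanceInitiatedShutdownBehavior (stop|terminate)
#   $3 count of attached EBS volumes with DeleteOnTermination=true
#   $4 count of Auto Scaling group memberships for the instance (0 or 1)
classify_instance() {
  local protected behavior="$2" vols="$3" asg="$4" out=""
  protected=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  if [ "$protected" != "true" ]; then out="${out}NO_TERMINATION_PROTECTION "; fi
  # An OS-level shutdown terminates the instance even when protection is on.
  if [ "$behavior" = "terminate" ]; then out="${out}OS_SHUTDOWN_TERMINATES "; fi
  # An Auto Scaling group can terminate its instances despite protection.
  if [ "$asg" -gt 0 ]; then out="${out}ASG_CAN_TERMINATE "; fi
  if [ "$vols" -gt 0 ]; then out="${out}EBS_DELETED_ON_TERMINATE:${vols} "; fi
  out="${out% }"
  echo "${out:-OK}"
}

# Collect the four inputs for one instance ID and print "<id><TAB><findings>".
audit_instance() {
  local id="$1" protected behavior vols asg
  protected=$(aws ec2 describe-instance-attribute --instance-id "$id" \
    --attribute disableApiTermination \
    --query 'DisableApiTermination.Value' --output text) || return 2
  behavior=$(aws ec2 describe-instance-attribute --instance-id "$id" \
    --attribute instanceInitiatedShutdownBehavior \
    --query 'InstanceInitiatedShutdownBehavior.Value' --output text) || return 2
  vols=$(aws ec2 describe-instance-attribute --instance-id "$id" \
    --attribute blockDeviceMapping \
    --query 'length(BlockDeviceMappings[?Ebs.DeleteOnTermination==`true`])' \
    --output text) || return 2
  asg=$(aws autoscaling describe-auto-scaling-instances --instance-ids "$id" \
    --query 'length(AutoScalingInstances)' --output text) || return 2
  printf '%s\t%s\n' "$id" "$(classify_instance "$protected" "$behavior" "$vols" "$asg")"
}

# Audit every instance ID given on the command line.
for id in "$@"; do
  audit_instance "$id"
done
```

An instance that reports OK has termination protection on, stops rather than terminates on OS shutdown, is not in an Auto Scaling group, and has no EBS volume marked for deletion on termination.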
