I'm looking for ways to safeguard some critical EC2 instances from malicious termination. For instance, let's say there are two engineers who normally have the ability to delete these instances. Is there a method where we can set it up so that more than one account needs to be involved in order to terminate these EC2s? Also, I'm curious if there's an option for automatic daily backups for these instances. Any advice would be greatly appreciated!
2 Answers
You can enable termination protection for your critical EC2 instances to prevent accidental deletions. Also, consider using AWS Backup to set up automatic daily backups for those instances.
A common strategy is to manage deletions through a CI/CD pipeline. This way, the instances can't be deleted unless it goes through a review process, where changes have to be approved first. This can mitigate both malicious action and mistakes during deployment.
Exactly! By restricting deletion privileges and using pull requests for changes, you add a layer of security that helps avoid errors and ensures oversight.