CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
Is your environment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-CC-00283
- creditSnyk Research Team
Description
Without this setting enabled, the instance can be terminated by accident. This setting should only be used for instances with high availability requirements. Enabling this may prevent IaC workflows from updating the instance; for example, Terraform will not be able to terminate the instance to update the instance type.
How to fix?
Set the disable_api_termination attribute to true.
Example Configuration
resource "aws_instance" "demo" {
ami = "ami-005e54dee72ccabcd"
instance_type = "t2.micro"
disable_api_termination = true
}
Set DisableApiTermination attribute to the value true.