Evaluates whether Elastic Compute Service (ECS) instances are locked due to overdue payments or security risks. If no instances are locked, the evaluation result is Compliant.
Scenarios
Identify ECS instances locked due to overdue payments or security risks at the earliest opportunity. You can then renew or unlock them to ensure business continuity.
Risk level
Default risk level: high.
You can change the risk level based on your business requirements when you configure this rule.
Compliance evaluation logic
- If no ECS instances are locked due to overdue payments or security risks, the evaluation result is Compliant.
- If an ECS instance is locked due to overdue payments or security risks, the evaluation result is Incompliant. To remediate, see Incompliance remediation.
Rule details
| Item | Description |
| Rule name | ecs-instance-no-lock |
| Rule identifier | ecs-instance-no-lock |
| Tag | ECS and Instance |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | ECS instance |
| Input parameter | None. |
Incompliance remediation
Change the status of an ECS instance to Running. For more information, see Instance lifecycle.