| Plugin Title | EC2 Max Instances |
| Cloud | AWS |
| Category | EC2 |
| Description | Ensures the total number of EC2 instances does not exceed a set threshold. |
| More Info | The number of running EC2 instances should be carefully audited, especially in unused regions, to ensure only approved applications are consuming compute resources. Many compromised AWS accounts see large numbers of EC2 instances launched. |
| AWS Link | https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring_ec2.html |
| Recommended Action | Ensure that the number of running EC2 instances matches the expected count. If instances are launched above the threshold, investigate to ensure they are legitimate. |
- Log in to the AWS Management Console.
- Select the "Services" option and search for EC2.
- Scroll down the left navigation panel and choose "Instances".
- Check the total number of EC2 instances at the top left corner available in the selected AWS region.
- Repeat steps number 2 - 4 to check the threshold value for other regions. If the total number of running EC2 instances provisioned in your AWS account is greater than 50, the recommended threshold was exceeded. AWS has different threshold values as well depends on the region. Raise an AWS support ticket to limit the number of instances as per the requirements.
- Scroll down the left navigation panel and choose "Instances". Verify all the "Instances" running and terminate any "Instances" which are not required.
- Choose the "EC2 Instances" which are not required from the "Instances" configuration page.
- Click on the "Instance State" button at the top panel and click on "Stop instance" if you want to only stop the selected "EC2 Instance" and not terminate.
- Click on the "Instance state" button at the top panel and click on "Terminate Instance" to terminate the selected "EC2 Instance".
- On the "Terminate Instance" dialog box click on the "Terminate" button.
- Repeat steps number 6 - 10 to remove the "EC2 Instances" which are not required.
