Enable or disable EC2 instance "Termination Protection" via AWS CLI (shell)

aws_ec2_termination_protection.md

Loop through all EC2 instances (excluding terminated and spot) and enable termination protection

for I in $(aws ec2 describe-instances --query \
  'Reservations[].Instances[?(InstanceLifecycle!=`spot` && InstanceState!=terminated)].[InstanceId]' \
  --output text); do
  aws ec2 modify-instance-attribute --disable-api-termination --instance-id $I;
done

Loop through all EC2 instances (excluding terminated and spot) and disable termination protection

for I in $(aws ec2 describe-instances --query \
  'Reservations[].Instances[?(InstanceLifecycle!=`spot` && InstanceState!=terminated)].[InstanceId]' \
  --output text); do
  aws ec2 modify-instance-attribute --no-disable-api-termination --instance-id $I;
done

It seems like disable-api-termination does not support spot and terminated instances, which makes sense. So for me, the following ensured no errors:

for I in $(aws ec2 describe-instances --query 'Reservations[*].Instances[?(InstanceLifecycle!=`spot` && InstanceState!=terminated)].[InstanceId]' --output text);
  do aws ec2 modify-instance-attribute --no-disable-api-termination --instance-id $I;
done

Thanks for the comment!

I would assume that, if disable-api-termination doesn't work for spot|terminated instances, the same would go for no-disable-api-termination.

I'll update the gist

missing backticks on terminated:

for I in $(aws ec2 describe-instances --query \
  'Reservations[].Instances[?(InstanceLifecycle!=`spot` && InstanceState!=`terminated`)].[InstanceId]' \
  --output text); do
  aws ec2 modify-instance-attribute --disable-api-termination --instance-id $I;
done