
Triage AWS EC2 Instances should not use outdated instance types OUTDATED_INSTANCE_TYPE


Why should I care about fixing this issue?

To get started on understanding EC2 Outdated Instance Types, read our use-case page.

What is the data source for this policy?

This policy relies on a call to ec2:DescribeInstances. If the InstanceType property in the response matches any of the classes below, the policy opens a violation.

const OUTDATED_TYPES = [
"m1",
"m2",
"m3",
"c1",
"c3",
"g2",
"r3",
"cr1",
"i2",
"hs1",
"t1",
]
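
The check described above, as an added example (not the policy's own code): it takes an already-parsed ec2:DescribeInstances response and reports the instances whose class is in the list. Matching on the part of InstanceType before the first dot, the function names and the sample response are assumptions.

```javascript
// Instance classes copied from the list on this page.
const OUTDATED_TYPES = ["m1", "m2", "m3", "c1", "c3", "g2", "r3", "cr1", "i2", "hs1", "t1"];
const OUTDATED = new Set(OUTDATED_TYPES);

// Assumption: the class is the part of InstanceType before the first ".",
// compared exactly, so only the listed classes themselves are flagged.
function instanceClass(instanceType) {
  if (typeof instanceType !== "string") return null;
  const dot = instanceType.indexOf(".");
  return dot > 0 ? instanceType.slice(0, dot).toLowerCase() : null;
}

// Walk Reservations[].Instances[] of a DescribeInstances response and
// return one finding per instance whose class is in the outdated list.
function findOutdatedInstances(response) {
  const findings = [];
  for (const reservation of response.Reservations || []) {
    for (const inst of reservation.Instances || []) {
      const cls = instanceClass(inst.InstanceType);
      if (cls === null || !OUTDATED.has(cls)) continue;
      findings.push({
        instanceId: inst.InstanceId,
        instanceType: inst.InstanceType,
        state: inst.State ? inst.State.Name : "unknown",
      });
    }
  }
  return findings;
}

// Constructed sample response; the instance IDs are placeholders.
const SAMPLE_RESPONSE = {
  Reservations: [
    { Instances: [
      { InstanceId: "i-0000000000000000a", InstanceType: "t1.micro", State: { Name: "running" } },
      { InstanceId: "i-0000000000000000b", InstanceType: "t3.micro", State: { Name: "running" } },
    ] },
    { Instances: [
      { InstanceId: "i-0000000000000000c", InstanceType: "m3.large", State: { Name: "stopped" } },
      { InstanceId: "i-0000000000000000d", InstanceType: "m5.large", State: { Name: "running" } },
      { InstanceId: "i-0000000000000000e", InstanceType: "cr1.8xlarge" },
    ] },
  ],
};

console.log(findOutdatedInstances(SAMPLE_RESPONSE));
```

DescribeInstances is paginated, so run the function over every page (follow NextToken) before treating an account as clean.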

Does this policy scan on a schedule? If so, when?

No, it's triggered when changes to matching resources are detected.

How do I change instance type using AWS Console?

If the instance is using EBS, you can follow the instructions to Change the instance type of an existing EBS-backed instance.

How do I change instance type using CloudFormation?

AWS::EC2::Instance : InstanceType

Note that the field is not required and the default value is m1.small (note: m1 is a Previous Generation Instance Type).

 Type: AWS::EC2::Instance
Properties:
- InstanceType: t1.micro
+ InstanceType: t3.micro
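
Review bot: The replacement value on the "+ InstanceType: t3.micro" line crosses instance generations, and t3 runs on the Nitro system, so the AMI has to be HVM with ENA and NVMe drivers before this change is applied. I would state that prerequisite next to the snippet. Since the text above says the property defaults to m1.small when omitted, templates that leave InstanceType out need an explicit value added as well, not only templates that name an outdated class.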

How do I change instance type using Terraform?

aws_db_instance : instance_type

Note that the field is not required and may not be present.

 resource "aws_ec2_host" "example" {
- instance_type = 't1.micro'
+ instance_type = 't3.micro'
}
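
Review bot: Both instance_type lines in this hunk use single quotes, which HCL does not accept for strings; the new line should read instance_type = "t3.micro". The context line also declares resource "aws_ec2_host", which is a Dedicated Host rather than an instance, so for an EC2 instance the block should be resource "aws_instance" "example".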

How do I change instance type using AWS CLI?

See the AWS CLI expandable section on Enabling automated backups. To change the instance type of an EC2 instance using the AWS CLI, first identify the instance ID of the EC2 instance you wish to modify (aws ec2 describe-instances may help). Once you've identified the instance ID, stop the instance using aws ec2 stop-instances. Finally, update the instance type using the --instance-type flag of aws ec2 modify-instance-attribute.

aws ec2 modify-instance-attribute \
--instance-id i-00000000000000000 \
--instance-type "{\"Value\": \"t3.micro\"}"

When is it appropriate to mark this violation as "by design"?

To get started on understanding EC2 Outdated Instance Types, read our use-case page.