How do I resolve the managed termination protection setting for the capacity provider error in Amazon ECS?

4 minute read

When I try to create a cluster capacity provider in Amazon Elastic Container Service (Amazon ECS), I get the following error: "The managed termination protection setting for the capacity provider is invalid".

Resolution

When you create a cluster capacity provider in Amazon ECS, you might get the following error:

"The managed termination protection setting for the capacity provider is invalid. To enable managed termination protection for a capacity provider, the Auto Scaling group must have instance protection from scale in enabled."

To resolve the error, turn on scale-in protection on your Auto Scaling group. You can use either the Amazon Elastic Compute Cloud (Amazon EC2) console or the AWS Command Line Interface (AWS CLI) to turn on scale-in protection.

Note: If you receive errors when you run AWS CLI commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

Amazon EC2 console

Complete the following steps:

Open the Amazon EC2 console.
In the navigation pane, choose Auto Scaling Groups, and then select your Auto Scaling group.
On the Details tab, under Advanced configurations, choose Edit.
Under Instance scale-in protection, select Enable instance scale-in protection.
Choose Update.

AWS CLI

To verify if scale-in protection is turned on for the Auto Scaling group, run the describe-auto-scaling-groups command:

aws autoscaling describe-auto-scaling-groups \
    --auto-scaling-group-names <YourAutoScalingGroupName> \
    --region RegionID \
    --query 'AutoScalingGroups[*].{AutoScalingGroupName:AutoScalingGroupName,NewInstancesProtectedFromScaleIn:NewInstancesProtectedFromScaleIn}' \
    --output table

The output looks similar to the following:

------------------------------------------------------------------------------
|                  DescribeAutoScalingGroups                                 |
+---------------------------------------+------------------------------------+
| AutoScalingGroupName                  | NewInstancesProtectedFromScaleIn   |
+---------------------------------------+------------------------------------+
| <YourAutoScalingGroupName>            |  False                             |
+-----------------------+----------------------------------------------------+

To use the AWS CLI to turn on scale-in protection for the Auto Scaling group, run the update-auto-scaling-group command:

aws autoscaling update-auto-scaling-group \    
    --region RegionID \
    --auto-scaling-group-name YourAutoScalingGroupName \
    --new-instances-protected-from-scale-in

Note: Replace RegionID with your AWS Region. Replace YourAutoScalingGroupName with the name of your Auto Scaling group.

Troubleshooting

If you continue to have this error, then update your existing ECS instances. Some of your instances launched by the Auto Scaling group might not have scale-in protection.

Use the EC2 console or the AWS CLI to apply scale-in protection to the remaining instances:

Amazon EC2 console

Complete the following steps:

Open the Amazon EC2 console, and then choose Auto Scaling Groups from the navigation pane.
Select your Auto Scaling group, and then choose the Instances tab.
From the Instance ID column, select the instances to apply scale-in protection to.
On the Instance management tab, choose Actions, Set scale-in protection.
Use the console to recreate a capacity provider for Amazon ECS.

AWS CLI

Complete the following steps:

To list instances from your Auto Scaling group that don't have scale-in protection turned on, use the query feature to run the following command:

aws autoscaling describe-auto-scaling-groups \    
    --region RegionID \
    --auto-scaling-group-names yourAutoScalingGroupName \
    --query 'AutoScalingGroups[].Instances[?ProtectedFromScaleIn==`true`].{Id:InstanceId}' \
    --output text

Note: Replace RegionID with your Region. Replace yourAutoScalingGroupName with the name of your Auto Scaling group.

To turn on scale-in protection for the specified instances in your Auto Scaling group, run the following command:

aws autoscaling set-instance-protection \    
    --region RegionID \
    --instance-ids yourInstanceID \
    --auto-scaling-group-name yourAutoScalingGroupName \
    --protected-from-scale-in

Note: Replace RegionID with your Region. Replace yourInstanceID with your instance ID. Replace yourAutoScalingGroupName with the name of your Auto Scaling group.

Use the AWS CLI to recreate a capacity provider for Amazon ECS. For an example, see To create a capacity provider.

Related information

Automatically manage Amazon ECS capacity with cluster auto scaling

Topics

Containers

Relevant content

ECS Capacity Provider Scale In Time
Accepted Answer
acrookes-fe
asked 3 years ago
Delete ECS Capacity Provider
IgorS
asked a year ago
Update capacity provider for ECS cluster through CloudFormation
PalS
asked a month ago
ECS Cluster stuck in a busy state for days after capacity provider changes
Miguel
asked a year ago
ECS Blue/Green deploys fail to set Capacity Provider using the ECS console
Chuck W
asked 2 years ago
How do I resolve errors when I delete a capacity provider in Amazon ECS?
AWS OFFICIALUpdated 3 months ago
How do I troubleshoot scaling issues with my Amazon ECS capacity provider?
AWS OFFICIALUpdated 3 months ago
How do I troubleshoot issues when I try to set up a new capacity provider or update an existing capacity provider for my Amazon ECS cluster?
AWS OFFICIALUpdated 7 months ago
How do I use Fargate Spot capacity providers for Amazon ECS?
AWS OFFICIALUpdated 8 months ago
How to troubleshoot "Error occurred during operation 'DeleteClusters SDK Error: The Cluster cannot be deleted while Services are active." when deleting ECS cluster from CloudFormation?
EXPERT
SukanyaSuram
published 25 days ago