Why do I have running EC2 instances that I didn't launch?

3 minute read
0

I have instances running in the Amazon Elastic Compute Cloud (Amazon EC2) console that I don't remember launching, and I want to remove them.

Resolution

Determine whether another AWS service or an authorized user on your AWS account launched the Amazon EC2 instances.

Determine whether another AWS service launched the instances

You can configure some AWS services to launch EC2 instances as part of their function. The following list includes some services that commonly launch instances. Check these services to determine whether they launched any instances:

  • AWS CloudFormation: You can configure a CloudFormation template to launch one or more instances on as part of a stack. For more information, see What is AWS CloudFormation? To delete the stack and all its resources, see Deleting a stack on the AWS CloudFormation console.
  • AWS Elastic Beanstalk: Elastic Beanstalk environments include EC2 instances and Auto Scaling rules by default. Depending on their configuration, an environment's Auto Scaling rules might launch instances. For more information, see What Is Elastic Beanstalk? To terminate an environment and all its resources, see Terminate an Elastic Beanstalk environment.
  • AWS OpsWorks: AWS OpsWorks stacks can launch groups of AWS resources according to the instructions in the stack's cookbook. If you launch an OpsWorks stack, then the cookbook might be configured to launch EC2 instances as part of the stack. To terminate the resources that are associated with a stack, delete the stack.
  • Amazon EMR: Amazon EMR lets you launch clusters and nodes that are groups of EC2 instances. To terminate the instances that are associated with an Amazon EMR cluster, terminate the cluster.

Note: Terminating resources in your account might require additional steps. For more information, see How do I terminate active resources that I no longer need on my AWS account?

If you're charged for EC2 instances that you previously terminated, then see Why am I being charged for EC2 when all my instances have been terminated? Also, see Why am I charged for Elastic IP addresses when all my Amazon EC2 instances have been terminated?

Determine whether other authorized users launched the instances

Use AWS CloudTrail to look for instances of the RunInstances API call. Or, check with other authorized account users to determine whether they launched instances.

Note: To manage which account users can launch instances or use AWS services, use AWS Identity and Access Management (IAM).

AWS OFFICIAL
AWS OFFICIALUpdated a year ago