Logo of Trend Micro
Use the Conformity Knowledge Base AI to help improve your Cloud Posture

EC2 Reserved Instance Payment Pending

Trend Micro Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 750 automated best practice checks.

Risk Level: High (not acceptable risk)
Rule ID: EC2-051

Identify any pending Amazon EC2 Reserved Instance purchases available within your AWS account and follow Trend Micro Cloud One™ – Conformity guidelines for remediation in order to receive a significant discount on the hourly charges. A payment-pending Reserved Instance purchase is a reservation purchase that can't be fully processed due to issues with the payment method used by the AWS user, that maintains the "payment-pending" status long after the initial purchase attempt – not to be confused with the pending state temporarily installed during a successfully processed RI purchase (i.e. where the reservation status changes from "payment-pending" to "active" in a timely manner).

This rule can help you with the following compliance standards:

  • APRA
  • MAS
  • AWAF

For further details on compliance standards supported by Conformity, see here.

This rule resolution is part of the Conformity Security & Compliance tool for AWS.

Cost
optimisation

Amazon EC2 Reserved Instances represent an efficient strategy to cut down on AWS costs. However, to receive the billing discount benefit promoted by Amazon, you need to make sure that all your EC2 reservation purchases have been fully processed (i.e. successfully confirmed by AWS) and none of them remained in the "payment-pending" state.

Audit

To identify any pending Amazon EC2 Reserved Instance purchases available within your AWS cloud account, perform the following operations:

Using AWS Console

01 Sign in to the AWS Management Console.

02 Navigate to Amazon EC2 console at https://console.aws.amazon.com/ec2/.

03 In the navigation panel, under Instances, choose Reserved Instances.

04 Click inside the Filter by attributes or search by keyword box located under the console top menu, choose State, and select Payment Pending. This filtering technique will return the incomplete Amazon EC2 reservation purchases available within the current AWS cloud region. If the Amazon EC2 console returns one or more Reserved Instances, the purchase payment for the returned Reserved Instances (RIs) was not fully processed, therefore you must take action and retry your pending reservation payment by contacting AWS Support Center.

05 Change the AWS cloud region from the console navigation bar and repeat the audit process for other regions.

Using AWS CLI

01 Run describe-instances command (OSX/Linux/UNIX) using predefined and custom query filters to list the IDs of the incomplete Amazon EC2 reservation purchases available in the selected AWS region: 

aws ec2 describe-reserved-instances
aws ec2 describe-reserved-instances
  --region us-east-1
  --filters "Name=state,Values=payment-pending"
  --output table
  --query 'ReservedInstances[*].ReservedInstancesId'

02 The command output should return a table with Reserved Instance IDs if there are reservation purchases that were not fully processed within the selected AWS cloud region or an empty table if there are no failed Amazon EC2 reservations: 

aws ec2 describe-reserved-instances
----------------------------------------
|        ReservedInstancesIds          |
+--------------------------------------+
| abcdabcd-1234-abcd-1234-abcd1234abcd |
| 12341234-abcd-1234-abcd-1234abcd1234 |
----------------------------------------

If the describe-instances command output returns one or more reservation IDs, there are incomplete Reserved Instance (RI) purchases available in the selected AWS cloud region, therefore you must take action and retry your pending reservation payment by contacting AWS Support Center.

03 Change the AWS cloud region by updating the --region command parameter value and repeat the audit process for other regions.

Remediation / Resolution

Partial Upfront and All Upfront Reserved Instance types require an upfront payment. When the issuing institution of your payment method is rejecting the upfront payment required for Partial Upfront or All Upfront reservation types, your Reserved Instance purchases can't be confirmed and Amazon set their status to "payment-pending". To mitigate incomplete Amazon EC2 reservations, you must retry the pending reservation payments by contacting Amazon Web Services. To create a support case for pending reservation payments, perform the following operations:

Note: Creating a support case to request to retry your incomplete Amazon EC2 Reserved Instance payments using the AWS Command Line Interface (AWS CLI) is not currently supported.

Using AWS Console

01 Sign in to the AWS Management Console.

02 Navigate to AWS Support Center console at https://console.aws.amazon.com/support/.

03 In the Open support cases section, choose Create case to initiate the request process.

04 On the Create case page, perform the following actions:

  1. Select Account and billing support option.
  2. Select Billing from the Type dropdown list.
  3. Select Reserved Instances from the Category dropdown list.
  4. Provide the request subject in the Subject box, e.g. "Retry pending payments for Amazon EC2 Reserved Instances".
  5. For Description, provide a concise description of the issues and include the reservation ID(s) for the Reserved Instance(s) that you want to discuss. This will help the AWS support team to evaluate your request.
  6. For Contact options, choose your preferred correspondence language from the Preferred contact language dropdown list, then select a preferred contact method that AWS support team can use to respond to your request from the Contact methods section.
  7. Choose Submit to send your request to Amazon Web Services. A customer support representative should contact you shortly.

References

Publication date Mar 7, 2017

Related EC2 rules

Unlock the Remediation Steps

Free 30-day Trial

Automatically audit your configurations with Conformity
and gain access to our cloud security platform.

Confirmity Cloud Platform

No thanks, back to article

You are auditing:

EC2 Reserved Instance Payment Pending

Risk Level: High