Disable EC2 Instance Stop Protection (rebuy-de#986)

* First pass at implementing the logic to disable EC2 instance stop protection

* Improved comments and formatting of EC2 Instance termination/stop protection code. Also fixed the feature flag name.

Author: sstoops

pkg/config/config.go

@@ -37,8 +37,9 @@ type Nuke struct {
 }
 
 type FeatureFlags struct {
-	DisableDeletionProtection  DisableDeletionProtection `yaml:"disable-deletion-protection"`
-	ForceDeleteLightsailAddOns bool                      `yaml:"force-delete-lightsail-addons"`
+	DisableDeletionProtection        DisableDeletionProtection `yaml:"disable-deletion-protection"`
+	DisableEC2InstanceStopProtection bool                      `yaml:"disable-ec2-instance-stop-protection"`
+	ForceDeleteLightsailAddOns       bool                      `yaml:"force-delete-lightsail-addons"`
 }
 
 type DisableDeletionProtection struct {

resources/ec2-instances.go

@@ -72,28 +72,59 @@ func (i *EC2Instance) Remove() error {
 
 	_, err := i.svc.TerminateInstances(params)
 	if err != nil {
-		if i.featureFlags.DisableDeletionProtection.EC2Instance {
-			awsErr, ok := err.(awserr.Error)
-			if ok && awsErr.Code() == "OperationNotPermitted" &&
-				awsErr.Message() == "The instance '"+*i.instance.InstanceId+"' may not be terminated. "+
-					"Modify its 'disableApiTermination' instance attribute and try again." {
-				err = i.DisableProtection()
-				if err != nil {
-					return err
-				}
-				_, err := i.svc.TerminateInstances(params)
-				if err != nil {
-					return err
-				}
-				return nil
+		awsErr, ok := err.(awserr.Error)
+		// Check for Termination Protection, disable it, and try termination again.
+		if ok && awsErr.Code() == "OperationNotPermitted" &&
+			awsErr.Message() == "The instance '"+*i.instance.InstanceId+"' may not be "+
+				"terminated. Modify its 'disableApiTermination' instance attribute and "+
+				"try again." && i.featureFlags.DisableDeletionProtection.EC2Instance {
+			termErr := i.DisableTerminationProtection()
+			if termErr != nil {
+				return termErr
+			}
+			_, err = i.svc.TerminateInstances(params)
+			// If we still get an error, we'll check for type and let the next routine
+			// handle it.
+			if err != nil {
+				awsErr, ok = err.(awserr.Error)
 			}
 		}
+
+		// Check for Stop Protection, disable it, and try termination again.
+		if ok && awsErr.Code() == "OperationNotPermitted" &&
+			awsErr.Message() == "The instance '"+*i.instance.InstanceId+"' may not be "+
+				"terminated. Modify its 'disableApiStop' instance attribute and try "+
+				"again." && i.featureFlags.DisableEC2InstanceStopProtection {
+			stopErr := i.DisableStopProtection()
+			if stopErr != nil {
+				return stopErr
+			}
+			_, err = i.svc.TerminateInstances(params)
+		}
+
+		// If we still have an error at this point, we'll return it.
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (i *EC2Instance) DisableStopProtection() error {
+	params := &ec2.ModifyInstanceAttributeInput{
+		InstanceId: i.instance.InstanceId,
+		DisableApiStop: &ec2.AttributeBooleanValue{
+			Value: aws.Bool(false),
+		},
+	}
+	_, err := i.svc.ModifyInstanceAttribute(params)
+	if err != nil {
 		return err
 	}
 	return nil
 }
 
-func (i *EC2Instance) DisableProtection() error {
+func (i *EC2Instance) DisableTerminationProtection() error {
 	params := &ec2.ModifyInstanceAttributeInput{
 		InstanceId: i.instance.InstanceId,
 		DisableApiTermination: &ec2.AttributeBooleanValue{