Permissions to control if a user can do 'Terminate instance'
The ability to do 'Terminate' on an instance should be controlled by permissions to make sure that not all users can do this. The consequences of terminating an instance which has ordered delivery enabled on it can be severe since all the messages 'in queue' are deleted when the instance is terminated. Some users should be able to do 'Resume' without have the rigts to do 'Terminate'
You can restrict who can resume/terminate the service instance by providing access to 'manage service instance' property in user access policy .