turbot/aws_perimeter

Control: EC2 instances should not have a public IP address

Description

This control checks whether EC2 instances have a public IPv4 address.

Usage

Run the control in your terminal:

powerpipe control run aws_perimeter.control.ec2_instance_not_publicly_accessible

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_perimeter.control.ec2_instance_not_publicly_accessible --share

Steampipe Tables

SQL

select
arn as resource,
case
when public_ip_address is null then 'ok'
else 'alarm'
end status,
case
when public_ip_address is null then instance_id || ' not publicly accessible.'
else instance_id || ' publicly accessible.'
end reason
, region, account_id
from
aws_ec2_instance;

Tags