turbot/steampipe-mod-aws-compliance

Control: DMS replication instances should not be publicly accessible

Description

Manage access to the AWS Cloud by ensuring DMS replication instances cannot be publicly accessed.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.dms_replication_instance_not_publicly_accessible

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.dms_replication_instance_not_publicly_accessible --share

SQL

This control uses a named query:

select
arn as resource,
case
when publicly_accessible then 'alarm'
else 'ok'
end as status,
case
when publicly_accessible then title || ' publicly accessible.'
else title || ' not publicly accessible.'
end as reason
, region, account_id
from
aws_dms_replication_instance;

Tags