Control: EC2 instances should not have a public IP address
Description
Manage access to the AWS Cloud by ensuring AWS Elastic Compute Cloud (AWS EC2) instances cannot be publicly accessed.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.ec2_instance_not_publicly_accessibleSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_compliance.control.ec2_instance_not_publicly_accessible --shareSQL
This control uses a named query:
select arn as resource, case when public_ip_address is null then 'ok' else 'alarm' end as status, case when public_ip_address is null then instance_id || ' not publicly accessible.' else instance_id || ' publicly accessible.' end as reason , region, account_idfrom aws_ec2_instance;