Control: AWS EC2 instances should have termination protection enabled
Description
This control checks whether termination protection is enabled for EC2 instances. The control fails if termination protection is not enabled for an EC2 instance.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.ec2_instance_termination_protection_enabled
Snapshot and share results via Turbot Pipes:
powerpipe login
powerpipe control run aws_compliance.control.ec2_instance_termination_protection_enabled --share
SQL
This control uses a named query:
select
  arn as resource,
  case
    when disable_api_termination then 'ok'
    else 'alarm'
  end status,
  case
    when disable_api_termination then instance_id || ' termination protection enabled.'
    else instance_id || ' termination protection disabled.'
  end reason,
  region,
  account_id
from
  aws_ec2_instance;