standard
turbot/aws_compliance

Trigger: Detect & correct EBS encryption by default disabled in regions

Detect regions with EBS encryption by default disabled and then skip or enable encryption.

Query

select
concat('[', r.account_id, '/', r.name, ']') as title,
r.sp_connection_name as conn,
r.name as region
from
aws_region as r
left join aws_ec2_regional_settings as e on r.account_id = e.account_id
and r.name = e.region
where
not e.default_ebs_encryption_enabled;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/EBS