standard
turbot/aws_compliance

Trigger: Detect & correct EC2 instances with multiple ENIs

Detect EC2 instances with multiple Elastic Network Interfaces and then skip or detach the network interface(s).

Query

select
  concat(instance_id, ' [', account_id, '/', region, ']') as title,
  instance_id,
  eni -> 'Attachment' ->> 'AttachmentId' as attachment_id,
  region,
  sp_connection_name as conn
from
  aws_ec2_instance,
  jsonb_array_elements(network_interfaces) as eni
where
  (eni -> 'Attachment' -> 'DeviceIndex')::int <> 0;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/EC2