standard
turbot/aws_compliance

Trigger: Detect & correct EC2 instances with public access enabled

Detect EC2 instances with public IP addresses, then skip, stop, or terminate each instance.

Query

select
  concat(instance_id, ' [', account_id, '/', region, ']') as title,
  instance_id,
  region,
  public_ip_address,
  sp_connection_name as conn
from
  aws_ec2_instance
where
  public_ip_address is not null;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/EC2