turbot/aws_compliance

Query: elb_application_classic_network_lb_prohibit_public_access

Usage

powerpipe query aws_compliance.query.elb_application_classic_network_lb_prohibit_public_access

SQL

with all_lb_details as (
select
arn,
scheme,
title,
region,
account_id,
tags,
_ctx
from
aws_ec2_application_load_balancer
union
select
arn,
scheme,
title,
region,
account_id,
tags,
_ctx
from
aws_ec2_network_load_balancer
union
select
arn,
scheme,
title,
region,
account_id,
tags,
_ctx
from
aws_ec2_classic_load_balancer
)
select
arn as resource,
case
when scheme = 'internet-facing' then 'alarm'
else 'ok'
end as status,
case
when scheme = 'internet-facing' then title || ' publicly accessible.'
else title || ' not publicly accessible.'
end as reason,
region,
account_id
from
all_lb_details;

Controls

The query is being used by the following controls: