turbot/aws_perimeter
GitHub
Loading controls...

Control: EC2 instances should not have a public IP address

Description

This control checks whether EC2 instances have a public IPv4 address.

Usage

Run the control in your terminal:

steampipe check aws_perimeter.control.ec2_instance_not_publicly_accessible

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share aws_perimeter.control.ec2_instance_not_publicly_accessible

Plugins & Tables

SQL

select
arn as resource,
case
when public_ip_address is null then 'ok'
else 'alarm'
end status,
case
when public_ip_address is null then instance_id || ' not publicly accessible.'
else instance_id || ' publicly accessible.'
end reason,
region,
account_id
from
aws_ec2_instance;

Tags