Loading controls...
Control: EBS volumes attached to stopped instances should be reviewed
Description
Instances that are stopped may no longer need any attached EBS volumes
Usage
Run the control in your terminal:
powerpipe control run aws_thrifty.control.ebs_volumes_on_stopped_instances
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_thrifty.control.ebs_volumes_on_stopped_instances --share
Steampipe Tables
SQL
with vols_and_instances as ( select v.arn, v._ctx, v.volume_id, i.instance_id, v.region, v.account_id, sum( case when i.instance_state = 'stopped' then 0 else 1 end ) as running_instances from aws_ebs_volume as v left join jsonb_array_elements(v.attachments) as va on true left join aws_ec2_instance as i on va ->> 'InstanceId' = i.instance_id group by v.arn, v._ctx, v.volume_id, i.instance_id, i.instance_id, v.region, v.account_id)select arn as resource, case when running_instances > 0 then 'ok' else 'alarm' end as status, volume_id || ' is attached to ' || running_instances || ' running instances.' as reason, region, account_idfrom vols_and_instances;