ec2-security-group-attached-to-eni-periodic
Checks if non-default security groups are attached to Elastic network interfaces (ENIs). The rule is NON_COMPLIANT if the security group is not associated with an ENI. Security groups not owned by the calling account evaluate as NOT_APPLICABLE.
Note
This rule reports on the AWS::EC2::SecurityGroup
resource type.
However, in order for the rule to run effectively, you must enable the recording of the AWS::EC2::NetworkInterface
resource type.
Identifier: EC2_SECURITY_GROUP_ATTACHED_TO_ENI_PERIODIC
Resource Types: AWS::EC2::SecurityGroup
Trigger type: Periodic
AWS Region: All supported AWS regions except US ISO West (Northern California), China (Beijing), Asia Pacific (Jakarta), US ISO East, Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Malaysia), US ISOB East (Ohio), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), China (Ningxia), Europe (Zurich) Region
Parameters:
- None
AWS CloudFormation template
To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.