ec2-security-group-attached-to-eni-periodic - AWS Config


Checks if non-default security groups are attached to Elastic network interfaces (ENIs). The rule is NON_COMPLIANT if the security group is not associated with an ENI. Security groups not owned by the calling account evaluate as NOT_APPLICABLE.


This rule reports on the AWS::EC2::SecurityGroup resource type. However, in order for the rule to run effectively, you must enable the recording of the AWS::EC2::NetworkInterface resource type.


Resource Types: AWS::EC2::SecurityGroup

Trigger type: Periodic

AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), China (Ningxia), Europe (Zurich) Region



AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.