ec2-security-group-attached-to-eni - AWS Config


Checks if non-default security groups are attached to Elastic network interfaces (ENIs). The rule is NON_COMPLIANT if the security group is not associated with an elastic network interface (ENI).


This rule is being deprecated due to Indirect Relationship Deprecation as configuration items triggering this rule will not longer be created once indirect relationships are deprecated. If you use this rule, please remove it from evaluating the configuration of AWS resources and replace it with the new ec2-security-group-attached-to-eni-periodic rule. The ec2-security-group-attached-to-eni-periodic rule will not be impacted by this deprecation as it is triggered on a periodic basis rather than on configuration changes.


Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Europe (Spain), Europe (Zurich) Region



AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.