Mod: aws-ec2

The aws-ec2 mod consists of 20 resource types, 366 policies, 133 controls and 133 actions.

Recommended Version

Resource Types

• AWS > EC2
• AWS > EC2 > Account Attributes
• AWS > EC2 > AMI
• AWS > EC2 > Application Load Balancer
• AWS > EC2 > Auto Scaling Group
• AWS > EC2 > Classic Load Balancer
• AWS > EC2 > Classic Load Balancer Listener
• AWS > EC2 > Gateway Load Balancer
• AWS > EC2 > Instance
• AWS > EC2 > Key Pair
• AWS > EC2 > Launch Configuration
• AWS > EC2 > Launch Template
• AWS > EC2 > Launch Template Version
• AWS > EC2 > Listener Rule
• AWS > EC2 > Load Balancer Listener
• AWS > EC2 > Network Interface
• AWS > EC2 > Network Load Balancer
• AWS > EC2 > Snapshot
• AWS > EC2 > Target Group
• AWS > EC2 > Volume

Controls

• AWS > EC2 > Account Attributes > Block Public Access for AMIs
• AWS > EC2 > Account Attributes > Block Public Access for Snapshots
• AWS > EC2 > Account Attributes > CMDB
• AWS > EC2 > Account Attributes > Discovery
• AWS > EC2 > Account Attributes > EBS Encryption by Default
• AWS > EC2 > Account Attributes > Instance Metadata Service Defaults
• AWS > EC2 > AMI > Active
• AWS > EC2 > AMI > Approved
• AWS > EC2 > AMI > CMDB
• AWS > EC2 > AMI > Configured
• AWS > EC2 > AMI > Discovery
• AWS > EC2 > AMI > Tags
• AWS > EC2 > AMI > Trusted Access
• AWS > EC2 > AMI > Usage
• AWS > EC2 > Application Load Balancer > Access Logging
• AWS > EC2 > Application Load Balancer > Active
• AWS > EC2 > Application Load Balancer > Approved
• AWS > EC2 > Application Load Balancer > CMDB
• AWS > EC2 > Application Load Balancer > Configured
• AWS > EC2 > Application Load Balancer > Discovery
• AWS > EC2 > Application Load Balancer > Tags
• AWS > EC2 > Application Load Balancer > Usage
• AWS > EC2 > Auto Scaling Group > Active
• AWS > EC2 > Auto Scaling Group > Approved
• AWS > EC2 > Auto Scaling Group > CMDB
• AWS > EC2 > Auto Scaling Group > Discovery
• AWS > EC2 > Auto Scaling Group > Tags
• AWS > EC2 > Auto Scaling Group > Usage
• AWS > EC2 > Classic Load Balancer > Access Logging
• AWS > EC2 > Classic Load Balancer > Active
• AWS > EC2 > Classic Load Balancer > Approved
• AWS > EC2 > Classic Load Balancer > CMDB
• AWS > EC2 > Classic Load Balancer > Configured
• AWS > EC2 > Classic Load Balancer > Discovery
• AWS > EC2 > Classic Load Balancer > Tags
• AWS > EC2 > Classic Load Balancer > Usage
• AWS > EC2 > Classic Load Balancer Listener > Active
• AWS > EC2 > Classic Load Balancer Listener > Approved
• AWS > EC2 > Classic Load Balancer Listener > CMDB
• AWS > EC2 > Classic Load Balancer Listener > Discovery
• AWS > EC2 > Classic Load Balancer Listener > SSL Policy
• AWS > EC2 > Classic Load Balancer Listener > Usage
• AWS > EC2 > Gateway Load Balancer > Active
• AWS > EC2 > Gateway Load Balancer > Approved
• AWS > EC2 > Gateway Load Balancer > CMDB
• AWS > EC2 > Gateway Load Balancer > Discovery
• AWS > EC2 > Gateway Load Balancer > Tags
• AWS > EC2 > Gateway Load Balancer > Usage
• AWS > EC2 > Instance > Active
• AWS > EC2 > Instance > Approved
• AWS > EC2 > Instance > CMDB
• AWS > EC2 > Instance > Configured
• AWS > EC2 > Instance > Detailed Monitoring
• AWS > EC2 > Instance > Discovery
• AWS > EC2 > Instance > Instance Profile
• AWS > EC2 > Instance > Metadata Service
• AWS > EC2 > Instance > Schedule
• AWS > EC2 > Instance > Tags
• AWS > EC2 > Instance > Termination Protection
• AWS > EC2 > Instance > Usage
• AWS > EC2 > Key Pair > Active
• AWS > EC2 > Key Pair > Approved
• AWS > EC2 > Key Pair > CMDB
• AWS > EC2 > Key Pair > Discovery
• AWS > EC2 > Key Pair > Tags
• AWS > EC2 > Key Pair > Usage
• AWS > EC2 > Launch Configuration > Active
• AWS > EC2 > Launch Configuration > Approved
• AWS > EC2 > Launch Configuration > CMDB
• AWS > EC2 > Launch Configuration > Discovery
• AWS > EC2 > Launch Configuration > Usage
• AWS > EC2 > Launch Template > Active
• AWS > EC2 > Launch Template > Approved
• AWS > EC2 > Launch Template > CMDB
• AWS > EC2 > Launch Template > Discovery
• AWS > EC2 > Launch Template > Tags
• AWS > EC2 > Launch Template > Usage
• AWS > EC2 > Launch Template Version > Active
• AWS > EC2 > Launch Template Version > Approved
• AWS > EC2 > Launch Template Version > CMDB
• AWS > EC2 > Launch Template Version > Discovery
• AWS > EC2 > Launch Template Version > Usage
• AWS > EC2 > Listener Rule > Active
• AWS > EC2 > Listener Rule > Approved
• AWS > EC2 > Listener Rule > CMDB
• AWS > EC2 > Listener Rule > Configured
• AWS > EC2 > Listener Rule > Discovery
• AWS > EC2 > Listener Rule > Usage
• AWS > EC2 > Load Balancer Listener > Active
• AWS > EC2 > Load Balancer Listener > Approved
• AWS > EC2 > Load Balancer Listener > CMDB
• AWS > EC2 > Load Balancer Listener > Configured
• AWS > EC2 > Load Balancer Listener > Discovery
• AWS > EC2 > Load Balancer Listener > SSL Policy
• AWS > EC2 > Load Balancer Listener > Usage
• AWS > EC2 > Network Interface > Active
• AWS > EC2 > Network Interface > Approved
• AWS > EC2 > Network Interface > CMDB
• AWS > EC2 > Network Interface > Configured
• AWS > EC2 > Network Interface > Discovery
• AWS > EC2 > Network Interface > Tags
• AWS > EC2 > Network Interface > Usage
• AWS > EC2 > Network Load Balancer > Access Logging
• AWS > EC2 > Network Load Balancer > Active
• AWS > EC2 > Network Load Balancer > Approved
• AWS > EC2 > Network Load Balancer > CMDB
• AWS > EC2 > Network Load Balancer > Configured
• AWS > EC2 > Network Load Balancer > Discovery
• AWS > EC2 > Network Load Balancer > Tags
• AWS > EC2 > Network Load Balancer > Usage
• AWS > EC2 > Snapshot > Active
• AWS > EC2 > Snapshot > Approved
• AWS > EC2 > Snapshot > CMDB
• AWS > EC2 > Snapshot > Configured
• AWS > EC2 > Snapshot > Discovery
• AWS > EC2 > Snapshot > Tags
• AWS > EC2 > Snapshot > Trusted Access
• AWS > EC2 > Snapshot > Usage
• AWS > EC2 > Target Group > Active
• AWS > EC2 > Target Group > Approved
• AWS > EC2 > Target Group > CMDB
• AWS > EC2 > Target Group > Configured
• AWS > EC2 > Target Group > Discovery
• AWS > EC2 > Target Group > Tags
• AWS > EC2 > Target Group > Usage
• AWS > EC2 > Volume > Active
• AWS > EC2 > Volume > Approved
• AWS > EC2 > Volume > CMDB
• AWS > EC2 > Volume > Configured
• AWS > EC2 > Volume > Discovery
• AWS > EC2 > Volume > Performance Configuration
• AWS > EC2 > Volume > Tags
• AWS > EC2 > Volume > Usage

IAM Roles

• AWS/EC2/Admin
• AWS/EC2/Metadata
• AWS/EC2/Operator
• AWS/EC2/Owner

Quick Actions

• AWS > EC2 > Account Attributes > Router
• AWS > EC2 > Account Attributes > Update Block Public Access for AMIs
• AWS > EC2 > Account Attributes > Update Block Public Access for Snapshots
• AWS > EC2 > Account Attributes > Update EBS Encryption by Default
• AWS > EC2 > Account Attributes > Update Instance Metadata Service Defaults
• AWS > EC2 > AMI > Delete
• AWS > EC2 > AMI > Delete from AWS
• AWS > EC2 > AMI > Router
• AWS > EC2 > AMI > Set Tags
• AWS > EC2 > AMI > Set Trusted Access
• AWS > EC2 > AMI > Skip alarm for Active control
• AWS > EC2 > AMI > Skip alarm for Active control [90 days]
• AWS > EC2 > AMI > Skip alarm for Approved control
• AWS > EC2 > AMI > Skip alarm for Approved control [90 days]
• AWS > EC2 > AMI > Skip alarm for Tags control
• AWS > EC2 > AMI > Skip alarm for Tags control [90 days]
• AWS > EC2 > AMI > Update Tags
• AWS > EC2 > Application Load Balancer > Delete
• AWS > EC2 > Application Load Balancer > Delete from AWS
• AWS > EC2 > Application Load Balancer > Router
• AWS > EC2 > Application Load Balancer > Set Tags
• AWS > EC2 > Application Load Balancer > Skip alarm for Active control
• AWS > EC2 > Application Load Balancer > Skip alarm for Active control [90 days]
• AWS > EC2 > Application Load Balancer > Skip alarm for Approved control
• AWS > EC2 > Application Load Balancer > Skip alarm for Approved control [90 days]
• AWS > EC2 > Application Load Balancer > Skip alarm for Tags control
• AWS > EC2 > Application Load Balancer > Skip alarm for Tags control [90 days]
• AWS > EC2 > Application Load Balancer > Update Access Logging
• AWS > EC2 > Application Load Balancer > Update Tags
• AWS > EC2 > Auto Scaling Group > Delete
• AWS > EC2 > Auto Scaling Group > Delete from AWS
• AWS > EC2 > Auto Scaling Group > Router
• AWS > EC2 > Auto Scaling Group > Set Tags
• AWS > EC2 > Auto Scaling Group > Skip alarm for Active control
• AWS > EC2 > Auto Scaling Group > Skip alarm for Active control [90 days]
• AWS > EC2 > Auto Scaling Group > Skip alarm for Approved control
• AWS > EC2 > Auto Scaling Group > Skip alarm for Approved control [90 days]
• AWS > EC2 > Auto Scaling Group > Skip alarm for Tags control
• AWS > EC2 > Auto Scaling Group > Skip alarm for Tags control [90 days]
• AWS > EC2 > Auto Scaling Group > Update Tags
• AWS > EC2 > Classic Load Balancer > Delete
• AWS > EC2 > Classic Load Balancer > Delete from AWS
• AWS > EC2 > Classic Load Balancer > Router
• AWS > EC2 > Classic Load Balancer > Set Tags
• AWS > EC2 > Classic Load Balancer > Skip alarm for Active control
• AWS > EC2 > Classic Load Balancer > Skip alarm for Active control [90 days]
• AWS > EC2 > Classic Load Balancer > Skip alarm for Approved control
• AWS > EC2 > Classic Load Balancer > Skip alarm for Approved control [90 days]
• AWS > EC2 > Classic Load Balancer > Skip alarm for Tags control
• AWS > EC2 > Classic Load Balancer > Skip alarm for Tags control [90 days]
• AWS > EC2 > Classic Load Balancer > Update Access Logging
• AWS > EC2 > Classic Load Balancer > Update Tags
• AWS > EC2 > Classic Load Balancer Listener > Delete
• AWS > EC2 > Classic Load Balancer Listener > Delete from AWS
• AWS > EC2 > Classic Load Balancer Listener > Router
• AWS > EC2 > Classic Load Balancer Listener > Skip alarm for Active control
• AWS > EC2 > Classic Load Balancer Listener > Skip alarm for Active control [90 days]
• AWS > EC2 > Classic Load Balancer Listener > Skip alarm for Approved control
• AWS > EC2 > Classic Load Balancer Listener > Skip alarm for Approved control [90 days]
• AWS > EC2 > Classic Load Balancer Listener > Update SSL Policy
• AWS > EC2 > Gateway Load Balancer > Delete
• AWS > EC2 > Gateway Load Balancer > Delete from AWS
• AWS > EC2 > Gateway Load Balancer > Router
• AWS > EC2 > Gateway Load Balancer > Set Tags
• AWS > EC2 > Gateway Load Balancer > Skip alarm for Active control
• AWS > EC2 > Gateway Load Balancer > Skip alarm for Active control [90 days]
• AWS > EC2 > Gateway Load Balancer > Skip alarm for Approved control
• AWS > EC2 > Gateway Load Balancer > Skip alarm for Approved control [90 days]
• AWS > EC2 > Gateway Load Balancer > Skip alarm for Tags control
• AWS > EC2 > Gateway Load Balancer > Skip alarm for Tags control [90 days]
• AWS > EC2 > Gateway Load Balancer > Update Tags
• AWS > EC2 > Instance > Delete
• AWS > EC2 > Instance > Delete from AWS
• AWS > EC2 > Instance > Disable Termination Protection
• AWS > EC2 > Instance > Enable Termination Protection
• AWS > EC2 > Instance > Router
• AWS > EC2 > Instance > Set Instance Profile
• AWS > EC2 > Instance > Set Tags
• AWS > EC2 > Instance > Skip alarm for Active control
• AWS > EC2 > Instance > Skip alarm for Active control [90 days]
• AWS > EC2 > Instance > Skip alarm for Approved control
• AWS > EC2 > Instance > Skip alarm for Approved control [90 days]
• AWS > EC2 > Instance > Skip alarm for Tags control
• AWS > EC2 > Instance > Skip alarm for Tags control [90 days]
• AWS > EC2 > Instance > Start
• AWS > EC2 > Instance > Start Instance
• AWS > EC2 > Instance > Stop
• AWS > EC2 > Instance > Stop Instance
• AWS > EC2 > Instance > Update Detailed Monitoring
• AWS > EC2 > Instance > Update Metadata Service
• AWS > EC2 > Instance > Update Tags
• AWS > EC2 > Instance > Update Termination Protection
• AWS > EC2 > Key Pair > Delete
• AWS > EC2 > Key Pair > Delete from AWS
• AWS > EC2 > Key Pair > Router
• AWS > EC2 > Key Pair > Set Tags
• AWS > EC2 > Key Pair > Skip alarm for Active control
• AWS > EC2 > Key Pair > Skip alarm for Active control [90 days]
• AWS > EC2 > Key Pair > Skip alarm for Approved control
• AWS > EC2 > Key Pair > Skip alarm for Approved control [90 days]
• AWS > EC2 > Key Pair > Skip alarm for Tags control
• AWS > EC2 > Key Pair > Skip alarm for Tags control [90 days]
• AWS > EC2 > Key Pair > Update Tags
• AWS > EC2 > Launch Configuration > Delete
• AWS > EC2 > Launch Configuration > Delete from AWS
• AWS > EC2 > Launch Configuration > Router
• AWS > EC2 > Launch Configuration > Skip alarm for Active control
• AWS > EC2 > Launch Configuration > Skip alarm for Active control [90 days]
• AWS > EC2 > Launch Configuration > Skip alarm for Approved control
• AWS > EC2 > Launch Configuration > Skip alarm for Approved control [90 days]
• AWS > EC2 > Launch Template > Delete
• AWS > EC2 > Launch Template > Delete from AWS
• AWS > EC2 > Launch Template > Router
• AWS > EC2 > Launch Template > Set Tags
• AWS > EC2 > Launch Template > Skip alarm for Active control
• AWS > EC2 > Launch Template > Skip alarm for Active control [90 days]
• AWS > EC2 > Launch Template > Skip alarm for Approved control
• AWS > EC2 > Launch Template > Skip alarm for Approved control [90 days]
• AWS > EC2 > Launch Template > Skip alarm for Tags control
• AWS > EC2 > Launch Template > Skip alarm for Tags control [90 days]
• AWS > EC2 > Launch Template > Update Tags
• AWS > EC2 > Launch Template Version > Delete
• AWS > EC2 > Launch Template Version > Delete from AWS
• AWS > EC2 > Launch Template Version > Router
• AWS > EC2 > Launch Template Version > Skip alarm for Active control
• AWS > EC2 > Launch Template Version > Skip alarm for Active control [90 days]
• AWS > EC2 > Launch Template Version > Skip alarm for Approved control
• AWS > EC2 > Launch Template Version > Skip alarm for Approved control [90 days]
• AWS > EC2 > Listener Rule > Delete
• AWS > EC2 > Listener Rule > Delete from AWS
• AWS > EC2 > Listener Rule > Router
• AWS > EC2 > Listener Rule > Skip alarm for Active control
• AWS > EC2 > Listener Rule > Skip alarm for Active control [90 days]
• AWS > EC2 > Listener Rule > Skip alarm for Approved control
• AWS > EC2 > Listener Rule > Skip alarm for Approved control [90 days]
• AWS > EC2 > Load Balancer Listener > Delete
• AWS > EC2 > Load Balancer Listener > Delete from AWS
• AWS > EC2 > Load Balancer Listener > Router
• AWS > EC2 > Load Balancer Listener > Skip alarm for Active control
• AWS > EC2 > Load Balancer Listener > Skip alarm for Active control [90 days]
• AWS > EC2 > Load Balancer Listener > Skip alarm for Approved control
• AWS > EC2 > Load Balancer Listener > Skip alarm for Approved control [90 days]
• AWS > EC2 > Load Balancer Listener > Update SSL Policy
• AWS > EC2 > Network Interface > Delete
• AWS > EC2 > Network Interface > Delete from AWS
• AWS > EC2 > Network Interface > Router
• AWS > EC2 > Network Interface > Set Tags
• AWS > EC2 > Network Interface > Skip alarm for Active control
• AWS > EC2 > Network Interface > Skip alarm for Active control [90 days]
• AWS > EC2 > Network Interface > Skip alarm for Approved control
• AWS > EC2 > Network Interface > Skip alarm for Approved control [90 days]
• AWS > EC2 > Network Interface > Skip alarm for Tags control
• AWS > EC2 > Network Interface > Skip alarm for Tags control [90 days]
• AWS > EC2 > Network Interface > Update Tags
• AWS > EC2 > Network Load Balancer > Delete
• AWS > EC2 > Network Load Balancer > Delete from AWS
• AWS > EC2 > Network Load Balancer > Router
• AWS > EC2 > Network Load Balancer > Set Tags
• AWS > EC2 > Network Load Balancer > Skip alarm for Active control
• AWS > EC2 > Network Load Balancer > Skip alarm for Active control [90 days]
• AWS > EC2 > Network Load Balancer > Skip alarm for Approved control
• AWS > EC2 > Network Load Balancer > Skip alarm for Approved control [90 days]
• AWS > EC2 > Network Load Balancer > Skip alarm for Tags control
• AWS > EC2 > Network Load Balancer > Skip alarm for Tags control [90 days]
• AWS > EC2 > Network Load Balancer > Update Access Logging
• AWS > EC2 > Network Load Balancer > Update Tags
• AWS > EC2 > Snapshot > Delete
• AWS > EC2 > Snapshot > Delete from AWS
• AWS > EC2 > Snapshot > Router
• AWS > EC2 > Snapshot > Set Tags
• AWS > EC2 > Snapshot > Set Trusted Access
• AWS > EC2 > Snapshot > Skip alarm for Active control
• AWS > EC2 > Snapshot > Skip alarm for Active control [90 days]
• AWS > EC2 > Snapshot > Skip alarm for Approved control
• AWS > EC2 > Snapshot > Skip alarm for Approved control [90 days]
• AWS > EC2 > Snapshot > Skip alarm for Tags control
• AWS > EC2 > Snapshot > Skip alarm for Tags control [90 days]
• AWS > EC2 > Snapshot > Update Tags
• AWS > EC2 > Target Group > Delete
• AWS > EC2 > Target Group > Delete from AWS
• AWS > EC2 > Target Group > Router
• AWS > EC2 > Target Group > Set Tags
• AWS > EC2 > Target Group > Skip alarm for Active control
• AWS > EC2 > Target Group > Skip alarm for Active control [90 days]
• AWS > EC2 > Target Group > Skip alarm for Approved control
• AWS > EC2 > Target Group > Skip alarm for Approved control [90 days]
• AWS > EC2 > Target Group > Skip alarm for Tags control
• AWS > EC2 > Target Group > Skip alarm for Tags control [90 days]
• AWS > EC2 > Target Group > Update Tags
• AWS > EC2 > Volume > Delete
• AWS > EC2 > Volume > Detach, snapshot and delete from AWS
• AWS > EC2 > Volume > Router
• AWS > EC2 > Volume > Set Tags
• AWS > EC2 > Volume > Skip alarm for Active control
• AWS > EC2 > Volume > Skip alarm for Active control [90 days]
• AWS > EC2 > Volume > Skip alarm for Approved control
• AWS > EC2 > Volume > Skip alarm for Approved control [90 days]
• AWS > EC2 > Volume > Skip alarm for Tags control
• AWS > EC2 > Volume > Skip alarm for Tags control [90 days]
• AWS > EC2 > Volume > Update Performance Configuration
• AWS > EC2 > Volume > Update Tags

Policies

• AWS > EC2 > Account Attributes > Block Public Access for AMIs
• AWS > EC2 > Account Attributes > Block Public Access for Snapshots
• AWS > EC2 > Account Attributes > CMDB
• AWS > EC2 > Account Attributes > EBS Encryption by Default
• AWS > EC2 > Account Attributes > EBS Encryption by Default > Customer Managed Key
• AWS > EC2 > Account Attributes > Instance Metadata Service Defaults
• AWS > EC2 > Account Attributes > Instance Metadata Service Defaults > HTTP Token Hop Limit
• AWS > EC2 > Account Attributes > Regions
• AWS > EC2 > AMI > Active
• AWS > EC2 > AMI > Active > Age
• AWS > EC2 > AMI > Active > Budget
• AWS > EC2 > AMI > Active > Last Modified
• AWS > EC2 > AMI > Approved
• AWS > EC2 > AMI > Approved > Budget
• AWS > EC2 > AMI > Approved > Custom
• AWS > EC2 > AMI > Approved > Regions
• AWS > EC2 > AMI > Approved > Usage
• AWS > EC2 > AMI > CMDB
• AWS > EC2 > AMI > Configured
• AWS > EC2 > AMI > Configured > Claim Precedence
• AWS > EC2 > AMI > Configured > Source
• AWS > EC2 > AMI > Regions
• AWS > EC2 > AMI > Tags
• AWS > EC2 > AMI > Tags > Template
• AWS > EC2 > AMI > Trusted Access
• AWS > EC2 > AMI > Trusted Access > Accounts
• AWS > EC2 > AMI > Usage
• AWS > EC2 > AMI > Usage > Limit
• AWS > EC2 > API Enabled
• AWS > EC2 > Application Load Balancer > Access Logging
• AWS > EC2 > Application Load Balancer > Access Logging > Bucket
• AWS > EC2 > Application Load Balancer > Access Logging > Key Prefix
• AWS > EC2 > Application Load Balancer > Active
• AWS > EC2 > Application Load Balancer > Active > Age
• AWS > EC2 > Application Load Balancer > Active > Budget
• AWS > EC2 > Application Load Balancer > Active > Last Modified
• AWS > EC2 > Application Load Balancer > Approved
• AWS > EC2 > Application Load Balancer > Approved > Budget
• AWS > EC2 > Application Load Balancer > Approved > Custom
• AWS > EC2 > Application Load Balancer > Approved > Regions
• AWS > EC2 > Application Load Balancer > Approved > Usage
• AWS > EC2 > Application Load Balancer > CMDB
• AWS > EC2 > Application Load Balancer > Configured
• AWS > EC2 > Application Load Balancer > Configured > Claim Precedence
• AWS > EC2 > Application Load Balancer > Configured > Source
• AWS > EC2 > Application Load Balancer > Regions
• AWS > EC2 > Application Load Balancer > Tags
• AWS > EC2 > Application Load Balancer > Tags > Template
• AWS > EC2 > Application Load Balancer > Usage
• AWS > EC2 > Application Load Balancer > Usage > Limit
• AWS > EC2 > Approved Regions [Default]
• AWS > EC2 > Auto Scaling Group > Active
• AWS > EC2 > Auto Scaling Group > Active > Age
• AWS > EC2 > Auto Scaling Group > Active > Last Modified
• AWS > EC2 > Auto Scaling Group > Approved
• AWS > EC2 > Auto Scaling Group > Approved > Custom
• AWS > EC2 > Auto Scaling Group > Approved > Regions
• AWS > EC2 > Auto Scaling Group > Approved > Usage
• AWS > EC2 > Auto Scaling Group > CMDB
• AWS > EC2 > Auto Scaling Group > Regions
• AWS > EC2 > Auto Scaling Group > Tags
• AWS > EC2 > Auto Scaling Group > Tags > Template
• AWS > EC2 > Auto Scaling Group > Usage
• AWS > EC2 > Auto Scaling Group > Usage > Limit
• AWS > EC2 > Classic Load Balancer > Access Logging
• AWS > EC2 > Classic Load Balancer > Access Logging > Bucket
• AWS > EC2 > Classic Load Balancer > Access Logging > Key Prefix
• AWS > EC2 > Classic Load Balancer > Active
• AWS > EC2 > Classic Load Balancer > Active > Age
• AWS > EC2 > Classic Load Balancer > Active > Budget
• AWS > EC2 > Classic Load Balancer > Active > Last Modified
• AWS > EC2 > Classic Load Balancer > Approved
• AWS > EC2 > Classic Load Balancer > Approved > Budget
• AWS > EC2 > Classic Load Balancer > Approved > Custom
• AWS > EC2 > Classic Load Balancer > Approved > Regions
• AWS > EC2 > Classic Load Balancer > Approved > Usage
• AWS > EC2 > Classic Load Balancer > CMDB
• AWS > EC2 > Classic Load Balancer > Configured
• AWS > EC2 > Classic Load Balancer > Configured > Claim Precedence
• AWS > EC2 > Classic Load Balancer > Configured > Source
• AWS > EC2 > Classic Load Balancer > Regions
• AWS > EC2 > Classic Load Balancer > Tags
• AWS > EC2 > Classic Load Balancer > Tags > Template
• AWS > EC2 > Classic Load Balancer > Usage
• AWS > EC2 > Classic Load Balancer > Usage > Limit
• AWS > EC2 > Classic Load Balancer Listener > Active
• AWS > EC2 > Classic Load Balancer Listener > Active > Age
• AWS > EC2 > Classic Load Balancer Listener > Active > Last Modified
• AWS > EC2 > Classic Load Balancer Listener > Approved
• AWS > EC2 > Classic Load Balancer Listener > Approved > Custom
• AWS > EC2 > Classic Load Balancer Listener > Approved > Instance Protocols
• AWS > EC2 > Classic Load Balancer Listener > Approved > Ports
• AWS > EC2 > Classic Load Balancer Listener > Approved > Protocols
• AWS > EC2 > Classic Load Balancer Listener > Approved > Regions
• AWS > EC2 > Classic Load Balancer Listener > Approved > Usage
• AWS > EC2 > Classic Load Balancer Listener > CMDB
• AWS > EC2 > Classic Load Balancer Listener > Regions
• AWS > EC2 > Classic Load Balancer Listener > SSL Policy
• AWS > EC2 > Classic Load Balancer Listener > SSL Policy > Allowed
• AWS > EC2 > Classic Load Balancer Listener > SSL Policy > Default
• AWS > EC2 > Classic Load Balancer Listener > Usage
• AWS > EC2 > Classic Load Balancer Listener > Usage > Limit
• AWS > EC2 > Enabled
• AWS > EC2 > Gateway Load Balancer > Active
• AWS > EC2 > Gateway Load Balancer > Active > Age
• AWS > EC2 > Gateway Load Balancer > Active > Budget
• AWS > EC2 > Gateway Load Balancer > Active > Last Modified
• AWS > EC2 > Gateway Load Balancer > Approved
• AWS > EC2 > Gateway Load Balancer > Approved > Budget
• AWS > EC2 > Gateway Load Balancer > Approved > Custom
• AWS > EC2 > Gateway Load Balancer > Approved > Regions
• AWS > EC2 > Gateway Load Balancer > Approved > Usage
• AWS > EC2 > Gateway Load Balancer > CMDB
• AWS > EC2 > Gateway Load Balancer > Regions
• AWS > EC2 > Gateway Load Balancer > Tags
• AWS > EC2 > Gateway Load Balancer > Tags > Template
• AWS > EC2 > Gateway Load Balancer > Usage
• AWS > EC2 > Gateway Load Balancer > Usage > Limit
• AWS > EC2 > Instance > Active
• AWS > EC2 > Instance > Active > Age
• AWS > EC2 > Instance > Active > Budget
• AWS > EC2 > Instance > Active > Last Modified
• AWS > EC2 > Instance > Approved
• AWS > EC2 > Instance > Approved > Budget
• AWS > EC2 > Instance > Approved > Custom
• AWS > EC2 > Instance > Approved > Image
• AWS > EC2 > Instance > Approved > Image > AMI IDs
• AWS > EC2 > Instance > Approved > Image > Publishers
• AWS > EC2 > Instance > Approved > Instance Types
• AWS > EC2 > Instance > Approved > Public IP
• AWS > EC2 > Instance > Approved > Regions
• AWS > EC2 > Instance > Approved > Root Volume Encryption at Rest
• AWS > EC2 > Instance > Approved > Root Volume Encryption at Rest > Customer Managed Key
• AWS > EC2 > Instance > Approved > Usage
• AWS > EC2 > Instance > CMDB
• AWS > EC2 > Instance > CMDB > Attributes
• AWS > EC2 > Instance > Configured
• AWS > EC2 > Instance > Configured > Claim Precedence
• AWS > EC2 > Instance > Configured > Source
• AWS > EC2 > Instance > Default Platform
• AWS > EC2 > Instance > Detailed Monitoring
• AWS > EC2 > Instance > Instance Profile
• AWS > EC2 > Instance > Instance Profile > Name
• AWS > EC2 > Instance > Metadata Service
• AWS > EC2 > Instance > Metadata Service > HTTP Token Hop Limit
• AWS > EC2 > Instance > Regions
• AWS > EC2 > Instance > Schedule
• AWS > EC2 > Instance > Schedule Tag
• AWS > EC2 > Instance > Schedule Tag > Name
• AWS > EC2 > Instance > Tags
• AWS > EC2 > Instance > Tags > Inventory Collection
• AWS > EC2 > Instance > Tags > Template
• AWS > EC2 > Instance > Termination Protection
• AWS > EC2 > Instance > Usage
• AWS > EC2 > Instance > Usage > Limit
• AWS > EC2 > Key Pair > Active
• AWS > EC2 > Key Pair > Active > Age
• AWS > EC2 > Key Pair > Active > Budget
• AWS > EC2 > Key Pair > Active > Last Modified
• AWS > EC2 > Key Pair > Approved
• AWS > EC2 > Key Pair > Approved > Budget
• AWS > EC2 > Key Pair > Approved > Custom
• AWS > EC2 > Key Pair > Approved > Regions
• AWS > EC2 > Key Pair > Approved > Usage
• AWS > EC2 > Key Pair > CMDB
• AWS > EC2 > Key Pair > Regions
• AWS > EC2 > Key Pair > Tags
• AWS > EC2 > Key Pair > Tags > Template
• AWS > EC2 > Key Pair > Usage
• AWS > EC2 > Key Pair > Usage > Limit
• AWS > EC2 > Launch Configuration > Active
• AWS > EC2 > Launch Configuration > Active > Age
• AWS > EC2 > Launch Configuration > Active > Last Modified
• AWS > EC2 > Launch Configuration > Approved
• AWS > EC2 > Launch Configuration > Approved > Custom
• AWS > EC2 > Launch Configuration > Approved > Regions
• AWS > EC2 > Launch Configuration > Approved > Usage
• AWS > EC2 > Launch Configuration > CMDB
• AWS > EC2 > Launch Configuration > Regions
• AWS > EC2 > Launch Configuration > Usage
• AWS > EC2 > Launch Configuration > Usage > Limit
• AWS > EC2 > Launch Template > Active
• AWS > EC2 > Launch Template > Active > Age
• AWS > EC2 > Launch Template > Active > Last Modified
• AWS > EC2 > Launch Template > Approved
• AWS > EC2 > Launch Template > Approved > Custom
• AWS > EC2 > Launch Template > Approved > Regions
• AWS > EC2 > Launch Template > Approved > Usage
• AWS > EC2 > Launch Template > CMDB
• AWS > EC2 > Launch Template > Regions
• AWS > EC2 > Launch Template > Tags
• AWS > EC2 > Launch Template > Tags > Template
• AWS > EC2 > Launch Template > Usage
• AWS > EC2 > Launch Template > Usage > Limit
• AWS > EC2 > Launch Template Version > Active
• AWS > EC2 > Launch Template Version > Active > Age
• AWS > EC2 > Launch Template Version > Active > Last Modified
• AWS > EC2 > Launch Template Version > Approved
• AWS > EC2 > Launch Template Version > Approved > Custom
• AWS > EC2 > Launch Template Version > Approved > Regions
• AWS > EC2 > Launch Template Version > Approved > Usage
• AWS > EC2 > Launch Template Version > CMDB
• AWS > EC2 > Launch Template Version > Regions
• AWS > EC2 > Launch Template Version > Usage
• AWS > EC2 > Launch Template Version > Usage > Limit
• AWS > EC2 > Listener Rule > Active
• AWS > EC2 > Listener Rule > Active > Age
• AWS > EC2 > Listener Rule > Active > Budget
• AWS > EC2 > Listener Rule > Active > Last Modified
• AWS > EC2 > Listener Rule > Approved
• AWS > EC2 > Listener Rule > Approved > Budget
• AWS > EC2 > Listener Rule > Approved > Custom
• AWS > EC2 > Listener Rule > Approved > Regions
• AWS > EC2 > Listener Rule > Approved > Usage
• AWS > EC2 > Listener Rule > CMDB
• AWS > EC2 > Listener Rule > Configured
• AWS > EC2 > Listener Rule > Configured > Claim Precedence
• AWS > EC2 > Listener Rule > Configured > Source
• AWS > EC2 > Listener Rule > Regions
• AWS > EC2 > Listener Rule > Usage
• AWS > EC2 > Listener Rule > Usage > Limit
• AWS > EC2 > Load Balancer Listener > Active
• AWS > EC2 > Load Balancer Listener > Active > Age
• AWS > EC2 > Load Balancer Listener > Active > Last Modified
• AWS > EC2 > Load Balancer Listener > Approved
• AWS > EC2 > Load Balancer Listener > Approved > Custom
• AWS > EC2 > Load Balancer Listener > Approved > Ports
• AWS > EC2 > Load Balancer Listener > Approved > Protocols
• AWS > EC2 > Load Balancer Listener > Approved > Regions
• AWS > EC2 > Load Balancer Listener > Approved > Usage
• AWS > EC2 > Load Balancer Listener > CMDB
• AWS > EC2 > Load Balancer Listener > Configured
• AWS > EC2 > Load Balancer Listener > Configured > Claim Precedence
• AWS > EC2 > Load Balancer Listener > Configured > Source
• AWS > EC2 > Load Balancer Listener > Regions
• AWS > EC2 > Load Balancer Listener > SSL Policy
• AWS > EC2 > Load Balancer Listener > SSL Policy > Allowed
• AWS > EC2 > Load Balancer Listener > SSL Policy > Default
• AWS > EC2 > Load Balancer Listener > Usage
• AWS > EC2 > Load Balancer Listener > Usage > Limit
• AWS > EC2 > Network Interface > Active
• AWS > EC2 > Network Interface > Active > Age
• AWS > EC2 > Network Interface > Active > Attached
• AWS > EC2 > Network Interface > Active > Last Modified
• AWS > EC2 > Network Interface > Approved
• AWS > EC2 > Network Interface > Approved > Custom
• AWS > EC2 > Network Interface > Approved > Regions
• AWS > EC2 > Network Interface > Approved > Usage
• AWS > EC2 > Network Interface > CMDB
• AWS > EC2 > Network Interface > Configured
• AWS > EC2 > Network Interface > Configured > Claim Precedence
• AWS > EC2 > Network Interface > Configured > Source
• AWS > EC2 > Network Interface > Regions
• AWS > EC2 > Network Interface > Tags
• AWS > EC2 > Network Interface > Tags > Template
• AWS > EC2 > Network Interface > Usage
• AWS > EC2 > Network Interface > Usage > Limit
• AWS > EC2 > Network Load Balancer > Access Logging
• AWS > EC2 > Network Load Balancer > Access Logging > Bucket
• AWS > EC2 > Network Load Balancer > Access Logging > Key Prefix
• AWS > EC2 > Network Load Balancer > Active
• AWS > EC2 > Network Load Balancer > Active > Age
• AWS > EC2 > Network Load Balancer > Active > Budget
• AWS > EC2 > Network Load Balancer > Active > Last Modified
• AWS > EC2 > Network Load Balancer > Approved
• AWS > EC2 > Network Load Balancer > Approved > Budget
• AWS > EC2 > Network Load Balancer > Approved > Custom
• AWS > EC2 > Network Load Balancer > Approved > Regions
• AWS > EC2 > Network Load Balancer > Approved > Usage
• AWS > EC2 > Network Load Balancer > CMDB
• AWS > EC2 > Network Load Balancer > Configured
• AWS > EC2 > Network Load Balancer > Configured > Claim Precedence
• AWS > EC2 > Network Load Balancer > Configured > Source
• AWS > EC2 > Network Load Balancer > Regions
• AWS > EC2 > Network Load Balancer > Tags
• AWS > EC2 > Network Load Balancer > Tags > Template
• AWS > EC2 > Network Load Balancer > Usage
• AWS > EC2 > Network Load Balancer > Usage > Limit
• AWS > EC2 > Permissions
• AWS > EC2 > Permissions > Levels
• AWS > EC2 > Permissions > Levels > Ami Publishing Administration
• AWS > EC2 > Permissions > Levels > Auto Scaling Administration
• AWS > EC2 > Permissions > Levels > Local Amis Administration
• AWS > EC2 > Permissions > Levels > Marketplace Subscription Administration
• AWS > EC2 > Permissions > Levels > Modifiers
• AWS > EC2 > Permissions > Lockdown
• AWS > EC2 > Permissions > Lockdown > API Boundary
• AWS > EC2 > Permissions > Lockdown > Instance
• AWS > EC2 > Permissions > Lockdown > Instance > Image
• AWS > EC2 > Permissions > Lockdown > Instance > Image > AMI IDs
• AWS > EC2 > Permissions > Lockdown > Instance > Image > Publishers
• AWS > EC2 > Permissions > Lockdown > Instance Types
• AWS > EC2 > Permissions > Lockdown > Volume Types
• AWS > EC2 > Regions
• AWS > EC2 > Snapshot > Active
• AWS > EC2 > Snapshot > Active > Age
• AWS > EC2 > Snapshot > Active > Budget
• AWS > EC2 > Snapshot > Active > Last Modified
• AWS > EC2 > Snapshot > Approved
• AWS > EC2 > Snapshot > Approved > Budget
• AWS > EC2 > Snapshot > Approved > Custom
• AWS > EC2 > Snapshot > Approved > Encryption at Rest
• AWS > EC2 > Snapshot > Approved > Encryption at Rest > Customer Managed Key
• AWS > EC2 > Snapshot > Approved > Regions
• AWS > EC2 > Snapshot > Approved > Usage
• AWS > EC2 > Snapshot > CMDB
• AWS > EC2 > Snapshot > Configured
• AWS > EC2 > Snapshot > Configured > Claim Precedence
• AWS > EC2 > Snapshot > Configured > Source
• AWS > EC2 > Snapshot > Regions
• AWS > EC2 > Snapshot > Tags
• AWS > EC2 > Snapshot > Tags > Template
• AWS > EC2 > Snapshot > Trusted Access
• AWS > EC2 > Snapshot > Trusted Access > Accounts
• AWS > EC2 > Snapshot > Usage
• AWS > EC2 > Snapshot > Usage > Limit
• AWS > EC2 > Tags Template [Default]
• AWS > EC2 > Target Group > Active
• AWS > EC2 > Target Group > Active > Age
• AWS > EC2 > Target Group > Active > Last Modified
• AWS > EC2 > Target Group > Approved
• AWS > EC2 > Target Group > Approved > Custom
• AWS > EC2 > Target Group > Approved > Regions
• AWS > EC2 > Target Group > Approved > Usage
• AWS > EC2 > Target Group > CMDB
• AWS > EC2 > Target Group > Configured
• AWS > EC2 > Target Group > Configured > Claim Precedence
• AWS > EC2 > Target Group > Configured > Source
• AWS > EC2 > Target Group > Regions
• AWS > EC2 > Target Group > Tags
• AWS > EC2 > Target Group > Tags > Template
• AWS > EC2 > Target Group > Usage
• AWS > EC2 > Target Group > Usage > Limit
• AWS > EC2 > Trusted Accounts [Default]
• AWS > EC2 > Volume > Active
• AWS > EC2 > Volume > Active > Age
• AWS > EC2 > Volume > Active > Attached
• AWS > EC2 > Volume > Active > Budget
• AWS > EC2 > Volume > Active > Last Modified
• AWS > EC2 > Volume > Approved
• AWS > EC2 > Volume > Approved > Budget
• AWS > EC2 > Volume > Approved > Custom
• AWS > EC2 > Volume > Approved > Encryption at Rest
• AWS > EC2 > Volume > Approved > Encryption at Rest > Customer Managed Key
• AWS > EC2 > Volume > Approved > Regions
• AWS > EC2 > Volume > Approved > Usage
• AWS > EC2 > Volume > Approved > Volume Types
• AWS > EC2 > Volume > CMDB
• AWS > EC2 > Volume > CMDB > Attributes
• AWS > EC2 > Volume > Configured
• AWS > EC2 > Volume > Configured > Claim Precedence
• AWS > EC2 > Volume > Configured > Source
• AWS > EC2 > Volume > Performance Configuration
• AWS > EC2 > Volume > Performance Configuration > IOPS Capacity
• AWS > EC2 > Volume > Performance Configuration > Throughput
• AWS > EC2 > Volume > Performance Configuration > Type
• AWS > EC2 > Volume > Regions
• AWS > EC2 > Volume > Tags
• AWS > EC2 > Volume > Tags > Template
• AWS > EC2 > Volume > Usage
• AWS > EC2 > Volume > Usage > Limit
• AWS > Turbot > Event Handlers > Events > Rules > Custom Event Patterns > @turbot/aws-ec2
• AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-ec2
• AWS > Turbot > Permissions > Compiled > Levels > @turbot/aws-ec2
• AWS > Turbot > Permissions > Compiled > Lockdown Statements > @turbot/aws-ec2
• AWS > Turbot > Permissions > Compiled > Service Permissions > @turbot/aws-ec2

Policy Packs

• AWS CIS v3.0.0 - Section 1 - Identity and Access Management
• AWS CIS v3.0.0 - Section 2 - Storage
• AWS CIS v3.0.0 - Section 5 - Networking
• Deny AWS EC2 Instances with Unapproved AMIs or Publisher Accounts
• Enforce AWS Application Load Balancers Are Internal
• Enforce AWS EBS Volumes Are Attached to EC2 Instances
• Enforce AWS EBS Volumes Are Not Older Than 90 Days
• Enforce AWS EBS Volumes Use Specific Volume Types
• Enforce AWS EC2 AMIs Are Shared With Trusted Accounts
• Enforce AWS EC2 Instances Are Not Older Than 90 Days
• Enforce AWS EC2 Instances Do Not Have Internet Access via Subnets
• Enforce AWS EC2 Instances Use AMIs With Approved Tags
• Enforce AWS EC2 Instances Use Approved AMIs and Publisher Accounts
• Enforce AWS EC2 Instances Use Approved Instance Types
• Enforce AWS EC2 Snapshots Are Not Older Than 60 Days
• Enforce AWS EC2 Snapshots Are Shared With Trusted Accounts
• Enforce Default Encryption Is Enabled for New AWS EBS Volumes
• Enforce Encryption at Rest Is Enabled for AWS EBS Volumes
• Enforce IMDSv2 for AWS EC2 Instances
• Enforce Tags on AMIs if They Are Older Than 14 Days
• Enforce Termination Protection Is Enabled for AWS EC2 Instances
• Enforce TLS 1.2 SSL Policy for AWS EC2 Classic Load Balancer Listeners