Policy: AWS > EC2 > Instance > Approved > Custom

Determine whether the AWS EC2 instance is allowed to exist. This policy will be evaluated by the Approved control. If an AWS EC2 instance is not approved, it will be subject to the action specified in the AWS > EC2 > Instance > Approved policy. See Approved for more information.

Note: The policy value must be a string with a value of Approved, Not approved or Skip, or in the form of YAML objects. The object(s) must contain the key result with its value as Approved or Not approved. A custom title and message can also be added using the keys title and message respectively.

Resource Types

This policy targets the following resource types:

AWS > EC2 > Instance

Primary Policy

This policy is used with the following primary policy:

AWS > EC2 > Instance > Approved

Controls

AWS > EC2 > Instance > Approved

Policy Packs

This policy setting is used by the following policy packs:

Policy Specification

Default	`Skip`
Examples [YAML]	`Approved` `result: Approved` `title: InstanceState result: Approved` `title: InstanceState message: InstanceState is available result: Approved` `title: InstanceType message: InstanceType is not t3.nano result: Not approved` `- title: InstancePlatformDetails message: Instance Platform is Linux/UNIX result: Approved - title: InstanceEbsOptimized message: InstanceEbsOptimized is not true result: Not approved`

Default

Skip

Examples [YAML]

Approved

result: Approved

title: InstanceState
result: Approved

title: InstanceState
message: InstanceState is available
result: Approved

title: InstanceType
message: InstanceType is not t3.nano
result: Not approved

- title: InstancePlatformDetails
  message: Instance Platform is Linux/UNIX
  result: Approved
- title: InstanceEbsOptimized
  message: InstanceEbsOptimized is not true
  result: Not approved

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/resourceApproved

Policy Type URI

tmod:@turbot/aws-ec2#/policy/types/instanceApprovedCustom

GraphQL

query policyType(id: "tmod:@turbot/aws-ec2#/policy/types/instanceApprovedCustom") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-ec2#/policy/types/instanceApprovedCustom'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-ec2#/policy/types/instanceApprovedCustom'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-ec2#/policy/types/instanceApprovedCustom"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-ec2#/policy/types/instanceApprovedCustom"