Policy Packs
Deny AWS EC2 Instances with Unapproved AMIs or Publisher Accounts

Policy Setting: AWS > EC2 > Permissions > Lockdown > Instance > Image

Policies

This policy setting is dependent on the following policy types:

Source

resource "turbot_policy_setting" "aws_ec2_permissions_lockdown_instance_image" {
resource = turbot_policy_pack.main.id
type = "tmod:@turbot/aws-ec2#/policy/types/ec2PermissionsLockdownInstanceImage"
value = "Lockdown Disabled"
# value = "Lockdown Enabled: Allow Image > AMI IDs only"
# value = "Lockdown Enabled: Allow Image > Publishers only"
# value = "Lockdown Enabled: Allow Image > AMI IDs or Image > Publishers"
# value = "Lockdown Enabled: Allow Image > AMI IDs from Image > Publishers"
}